VP, Incident Response, Forensics, and Logistics Officer 251031


New York, NY


Information Technology

Job Description:

The individual in this role will provide strategic and execution leadership for NIRT’s incident response and forensics services.  Beyond guiding the day-to-day operational responsibilities of the team, the person in this role will work both to improve process, procedure, and the team’s technical capabilities incrementally (e.g., through metrics and reassessment) and to transform practices through reengineering, organizational and service planning, system integration, and new technologies.

He or she will also lead and orchestrate response for more significant cyber incidents (and for significant, imminent cyber threats) as well as prepare, and provide assurance towards, the bank’s incident response readiness and resilience – accounting for cyber incidents that occur on internally managed infrastructure, that apply in supplier environments (e.g., cloud services), and that in any way have a bearing on the bank’s reputational risk.  The role also includes oversight of a logistics and communications function that covers (and enhances) not only incident response and forensics, but NIRT’s other customer services including intelligence services and security assessments.

Major Responsibilities:

·         Delivers effective written and verbal communications on critical cyber incidents and sensitive security matters for a range of stakeholder audiences such as senior executives, business line leaders, security practitioners, etc.

·         Develops and maintains strategic plans, internal processes, and staff capabilities to support incident response and forensics services

·         Oversees tactical response to potential cyber incidents from a range of adversaries including nation-states, cybercriminals, hacktivists and insiders

·         Oversees multiple related NIRT services, including malware analysis, digital forensics, mobile forensics, network forensics, case management, incident triage, incident orchestration, log analysis, incident communications, crisis management, insider risk investigation, and endpoint detection and response

·         Matures the Federal Reserve’s, and NIRT’s, preparedness for potentially significant cyber security incidents

·         Develops and delivers metrics, analysis, and reporting on cyber incidents to inform the work efforts and decision-making of various stakeholders

·         Establishes communications strategies, content, and mechanisms to optimize the effectiveness and positive impact of NIRT’s analysis and other deliverables across its service offerings; similarly, establishes provisioning and logistical services that best support NIRT’s range of customer service offerings

·         Recommends improvements to enterprise security controls based on cyber security investigations
·         Ability to motivate, develop and lead a team of technical resources through a period of dynamic change and uncertain conditions in potentially urgent or high-stakes situations, both within an immediate team and across organizational functions such as IT, business areas, Legal, and Human Resources – and to manage incidents from initial triage through to closure and post-mortem after-actions

·         Drives performance and ensures the use of best practices and strategy alignment when solving issues; develops solutions that impart business accountability, fairness, and appropriate concern

·         Demonstrated leadership ability with a proven record of successfully driving significant change

·         Collaborates with management and other Officers to build solutions and maintain trust-based relationships; accountable for efficient, cost-effective spending and financial responsibility within budgets

·         Able to effectively navigate and achieve results in a federated, multi-location, multi-divisional organizational structure with numerous and diverse business customers

·         Strategic planning skills and experience, with an ability to quickly adapt to changing conditions

·         Establish and effectively communicate a vision and direction for Incident Response services, aligned with the needs of the business

·         Manage team of geographically dispersed individual contributors and managers

·         Actively supports the Bank's diversity agenda, and holds self and others accountable for creating an inclusive workplace

Talent Management

·         Demonstrated leader with ability to effectively attract and retain strong talent, motivate people to deliver results with enthusiasm and loyalty, and build an effective, cohesive and creative management team

·         Makes recommendations surrounding workforce resources and commits the necessary resources to be successful

·         Able to deal effectively and decisively with organizational and personnel issues

·         Develops people for progressively more responsible assignments

·         Responsible for talent management strategy and execution within areas of responsibility, including annual assessments, promotions, skill set analyses, and compensation adjustments

·         Responsible for organizational coaching, training, and goal-setting tied to staff development

Experience, Judgment, and Execution

·         Excellent customer relationship management skills to interface effectively with customers including executives across the Bank and System IT

·         Ability to present ideas and concerns to senior leaders and ability to effectively influence senior level management and key stakeholders

·         Exceptional problem-solving skills, willing to take ownership of issues, and drive for resolution

·         Experience planning and implementing incident response technical solutions such as Endpoint Detection and Response, Incident Orchestration, and collaborative forensics platforms

·         Proven record in applying judgment in creating and sustaining a sense of urgency, anticipating and/or preventing impacts to business operations

·         Establishes and maintains regular and effective communication channels with officers, managers, and system counterparts, to ensure proper sensitivity to needs of the organization and employees

·         Strong, effective communicator with ability to convey complex issues to a variety of stakeholders with an exceptional management presence that elicits confidence and credibility

·         Facilitates open communication that encourages the expression of diverse ideas and opinions

·         Encourages and promotes a culture of creativity, innovation, and continuous improvement; recognizes and advocates for ideas that hold the greatest potential for improving effectiveness, efficiency, and business values

·         Analytically minded with strong verbal and written communication skills, as well as outstanding presentation, persuasion, and influential capabilities that elicit confidence and credibility

Job Requirements:


·         Bachelor’s degree in Cyber Security, Engineering, Computer Science, or related discipline; or an equivalent combination of education and work experience

·         Ten (10) to fifteen (15) years of experience in cyber security, with at least 7+ years of experience in cyber intelligence, incident response, security assessment, security operations, or computer network defense functions.

·         Demonstrable expertise in crisis management, incident communications, and investigative planning

·         At least five (5) years of leadership experience in progressively responsible roles in a demanding environment; strong leadership skills and ability to effectively manage high performing staff

·         Expert level understanding of incident response and computer network defense

·         Advanced knowledge of adversary tactics, techniques and procedures (TTPs); threat actors including nation-state, cyber-criminal and hacktivist groups

·         Solid understanding of networking protocols and infrastructure designs; including cloud infrastructures, routing, firewall functionality, host and network intrusion detection systems, encryption, load balancing, and other network protocols

·         Conversant with the key policy and legal considerations that provide an underpinning for incident response and forensic investigation

·         Well-versed in offensive security techniques as well as internal and external cyber threats

·         U.S. citizenship and ability to obtain and maintain Top Secret level security clearance
