Principal Cyber Incident Coordinator
Apply NowCompany: Comerica Incorporated
Location: Frisco, TX 75034
Description:
Principal Cyber Incident Coordinator
The Principal Cyber Incident Coordinator acts as the dedicated cyber interface to both internal and external teams. The Principal Cyber Incident Coordinator is responsible for timely execution of all tasks within the incident response plan.
The Principal Cyber Incident Coordinator role functions as both a team leader and an individual contributor of a small group, responsible for coordinating proactive and reactive incident response activities, periodically communicating with relevant stakeholders to facilitate readiness and a continually improving incident response capability.
Job Responsibilities:
Cyber Incident Coordination
Communication and Administration
The Principal Cyber Incident Coordinator acts as the dedicated cyber interface to both internal and external teams. The Principal Cyber Incident Coordinator is responsible for timely execution of all tasks within the incident response plan.
The Principal Cyber Incident Coordinator role functions as both a team leader and an individual contributor of a small group, responsible for coordinating proactive and reactive incident response activities, periodically communicating with relevant stakeholders to facilitate readiness and a continually improving incident response capability.
Job Responsibilities:
Cyber Incident Coordination
- Facilitates and coordinates the cybersecurity response across people, processes, and technology to reduce the impact of and the recovery time for cyber incidents.
- Delivers key takeaways and insights for executive consumption on impact and improvements as a retrospective after an incident.
- Assists Cyber Defense Operations teams in determining if an event needs to be declared as a major security incident, according to defined criteria that is in line with Comerica's compliance responsibilities.
- Leads the integration of cyber incident response activities with the broader organization's incident response processes to ensure cyber risk preparedness and consistency / alignment with the enterprise.
- Oversees incident response activities and keep management informed of the status of incidents through accurate, timely, and appropriate reporting.
- Serves as the interface and main point-of-contact between the cybersecurity teams and relevant business stakeholders to ensure proper incident handling.
- Interfaces with legal teams on applicability of legislation / regulation for threat scenarios and ensure that the response process adheres to legal requirements for Comerica.
Communication and Administration
- Responsible for the maintenance and enhancement of incident response plans, relevant playbooks, and knowledge base to increase efficiencies and control organizational risk.
- Engages and leads process improvement projects across Cyber Defense, enhancing cross-team workflows to drive collaboration between teams to resolve Cyber Incidents.
- Drives partnership with internal compliance organization to ensure alignment across regulatory frameworks.
- Plans, participates, and oversees tabletop exercises and incident simulations to ensure operational readiness and the updates necessary to support coordinated response.
- Continually improves the Cyber Incident Response function through post incident retrospectives (AARs) and soliciting feedback from partners within the cybersecurity organization, as well as engineering and partner teams across Comerica.
- Other duties as assigned.