We Protect Bloomberg. The Bloomberg Security Incident Management (Sec IM) team provides consistent coordination and management of cybersecurity (security) incidents and events across Bloomberg's diverse lines of business and vast global network.
What’s the team?
Sec IM works closely with teams across Bloomberg’s Chief Information Security Office, coordinating, commanding, and documenting response for all security incidents and high profile security events. The team is responsible for ensuring responses are efficient and comprehensive. The team also plays a key role in identifying methods to improve upon similar scenarios. Key partners include incident responders, threat intelligence, vulnerability analysts, security project/program leads and many other teams within the company.
What's the role?
A successful candidate will be focused on coordination, leadership, delegation, documentation, and identification of required response actions, rather than performing technical deep dives such as forensics or reverse engineering. You will be expected to fulfill common incident management roles in a security context where the goal is careful containment and remediation of incidents and events which could jeopardize the confidentiality, integrity, and/or availability of Bloomberg systems and records.
We'll Trust You To
Lead & focus:
- Demonstrate clear & calm leadership, setting the tone for each response
- Command and coordinate a response to security incidents, relevant threats, and high profile security events
- Scope a response to the next best actions
- Ensure response is sustainable for all resources involved
- Support beyond normal shift hours in an emergency or during times of staff shortage
Coordinate & Communicate
- Delegate tasks in a timely manner and manage them to closure
- Facilitate incident / threat resolution through prompt communication across multiple teams
- Document status and regularly communicate updates to stakeholders and senior management
- Develop and track key metrics and reporting related to incident management
Prepare
- Design and maintain procedures that effectively guide security incident management
- Develop, lead, and participate in scenario analyses (e.g. tabletops, functional exercises, etc.)
- Conduct postmortem discussions that identify paths for improving response to similar scenarios, delivering those requirements to appropriate stakeholders that handle short, mid and long term remediation
You'll Need To Have
- Proven ability to manage tasks during high-pressure, complex situations
- Clear and concise written and verbal communication skills
- Strong critical thinking skills
- Ownership to identify problems and pursue solutions, individually and collaboratively
- Commitment to building strong networks and collaborative relationships
- 3+ years of experience leading and managing people, projects, or incidents
- Ability to exercise multiple communication styles to complete incidents
- Commitment to develop team members skills
- Proven ability to multitask
We Would Love To See
- 3+ years experience working in a cyber security operations center or incident management function(s)
- Experience with host and network incident response, data exposure workflows, and/or urgent vulnerability remediation
- Examples of proactively identifying and improving tooling and processes
- Ability to explain complex topics in accessible language
If That Sounds Like You
Apply - if we believe you're a good match, we'll get in touch to let you know next steps.