Incident Response Senior Delivery Manager - Secureworks

About Secureworks

Secureworks (NASDAQ: SCWX) is a global cybersecurity leader that secures human progress with Secureworks® Taegis™, a SaaS-based, open XDR platform built on 20+ years of real-world threat intelligence and research, improving customers’ ability to detect advanced threats, streamline and collaborate on investigations, and automate the right actions.

We enjoy competitive compensation and benefits packages, and reward and recognize our employees for exceptional results. A constant focus on continued learning and growth keeps our team members engaged and excited about “what’s next.” We offer flexible work options when available, and emphasize the importance of work-life balance. We know that when our people are rewarded, recognized, and rejuvenated, we win as a team.

Incident Response Senior Delivery Manager

The Secureworks Incident Response team is looking for a Senior Delivery Manager who will work with various Secureworks teams and Incident Response\Readiness consultants to grow the Secureworks consulting practice. The Incident Response Delivery Manager will work with the IR management team, IR team leads, incident responders, and incident readiness consultants within the Consulting practice to oversee all consulting matters. Deliverables may be proactive (e.g. capability building or threat hunting) or reactive incident/breach response.  Mentoring team members on service delivery excellence and consulting skills, as well as working directly with customers to resolve any blockers/issues, is a key component of the role. The candidate will be expected to work on engagements with a minimum requirement of 25% billable work.

The successful candidate will have experience in developing, managing, and operating incident response capabilities, conducting training, exercises, and workshops, and will be familiar with tactics, techniques, and procedures commonly employed by and used to thwart threat actors. Familiarity with the drivers and constraints that organizations are working with and against while trying to secure their infrastructure and data is a necessity.

This position requires up to 20% travel.

On call is required.

Role Responsibilities

• Manage teams of IR consultants to coordinate engagement work across multiple customers and teams.
• Responsible for all aspects of people management, including recruiting, training, employee performance management and development.
• Responsible for the success and the overall delivery of IR consulting engagements.
• Directly lead and manage customer cyber security incidents by guiding customers through investigation, scoping, containment, and remediation.
• Lead and manage incident readiness engagements that help prepare Secureworks customers for a cyber security incident.
• Work closely with other internal stakeholders, including leadership, the Resource Coordinators, Project Managers, Sales, Sales Engineering, Product, Marketing, Operations, other delivery practices. 
• Oversee, establish, and improve delivery governance, methodologies, best practices, procedures, and other practice initiatives.
• Act as a point of escalation and resolution for customer satisfaction issues and strategic projects.
• Understand skill gap on teams and create action plans to improve these gaps.
• Track Key Performance Indicators KPI (utilization rates, consulting growth, engagement management) to ensure a steady case load and proper staffing.

• Produce high-quality written and verbal reports, presentations, recommendations, and findings to customer management.
• Demonstrate industry thought leadership through blog posts and other public speaking events.
• Participate in leadership, cross-functional and sales meetings on a regular basis.  For example, QBR’s, Executive Briefings, business performance and scoping calls Serve as subject matter expert in a cyber incident response area.
• Serve as a technical/managerial liaison between the senior practice leadership and the delivery consultants.
• Identify pre-sales opportunities and assist with other pre-sales opportunities assigned to you.
• Stay abreast of current industry trends, public disclosures and new technology through professional associations, trade journals, networking, and associated training and seminars.
• Effectively communicate with clients, peers, leadership, and executives on the topic of incident response.
• Mentor incident response team leads and consultants.

Requirements 

• Team leadership experience in a consulting environment.
• Experience conducting and managing incident response investigations for organizations, investigating targeted threats.
• Strong understanding of targeted attacks and able to create customized tactical and strategic remediation plans for compromised organizations.
• Strong technical communication skills (oral and written) including experience briefing executive management and desire to work with clients to solve complex security issues, including at times in crisis situations.

• Excellent verbal and written communication skills with experience briefing executive management.
• Possess a desire to work with clients to solve complex security issues, including at times of crisis.
• Ability to drive cross functional teams towards a common objective.
• Experience working with global, remote, multi-cultural teams.
• Ability to prioritize, delegate and complete tasks within tight timeframes to meets deadlines.
• High attention to detail with strong analytical skills.
• Strong interpersonal skills, self-starting, proactive, motivated, team player.
• Results orientated and customer focused.
• Ability to demonstrate initiative and good judgment in resolving issues.
• Effective at managing conflict and negotiating with stakeholders.
• Experience mentoring and leading technical teams in a matrixed consulting environment.

Preferences

• 10+ years of information security experience.
• 3+ years leading a team or teams of cyber security professionals.
• Experience working with Cyber Insurers and Law Firms.
• Professional degree relevant to cybersecurity or equivalent work experience.
• Technical or professional certifications, such as GCFA, CISA or CISSP, are a plus.

Secureworks is committed to the principle of equal employment opportunity for all employees and to providing employees with a work environment free of discrimination and harassment. All employment decisions at Secureworks are based on business needs, job requirements and individual qualifications, without regard to race, color, religion or belief, national, social or ethnic origin, sex (including pregnancy), age, physical, mental or sensory disability, HIV status, sexual orientation, gender identity and/or expression, marital, civil union or domestic partnership status, past or present military service, family medical history or genetic information, family or parental status, or any other status protected by the laws or regulations in the locations where we operate. Secureworks will not tolerate discrimination or harassment based on any of these characteristics.

Dell’s Flexible & Hybrid Work Culture

At Dell Technologies, we believe our best work is done when flexibility is offered.

We know that freedom and flexibility are crucial to all our employees no matter where you are located and our flexible and hybrid work style allows team members to have the freedom to ideate, be innovative, and drive results their way. To learn more about our work culture, please visit our locations page.