APi is a market-leading provider of safety, specialty, and industrial services in over 200 locations worldwide, primarily in North America. We have a winning culture driven by entrepreneurial business leaders to deliver innovative solutions for our customers. As a family of companies working together, we have the parts to make any project whole.
At APi Group, the mission is clear: We Build Great Leaders. We believe that everyone at APi is a Leader and one of our core pillars of success is our distinct leadership development culture. We provide internally developed, cross-functional development programs across our businesses. Our culture of investing in leadership development at all levels of the organization has created an empowered, entrepreneurial atmosphere that facilitates organizational sharing of knowledge and best practices and enables the development of cross-brand solutions and innovation.
We are currently seeking a Security Incident Lead, whose primary responsibility is to lead response efforts to security incidents, engage and coordinate the necessary parties to mitigate the issue, and communicate status with leadership. This role will also manage the security incident response program and assist the Director in our managed security services. In addition, this role will lead security assessments, remediation efforts, and continuous security control improvements. This role provides you with an opportunity to have a direct influence on the organization’s ongoing security strategy and roadmap.
- Lead the Security Incident Response program, which includes the Incident Response Plan, playbooks, procedures, tabletop exercises, and communication plans.
- Triage & assess security concerns, develop remediation plans, and drive security incidents to resolution.
- Respond to intrusion attempts, identifying the full scope of impact and the attack vector.
- Facilitate post-incident reviews, document root causes, and actively work with impacted teams to address resolution actions.
- Develop processes, scripts, and enhanced methods to improve detective capabilities and automation.
- Research industry trends, identify ongoing security threats, analyze new security testing tools, and provide recommendations on the need and usefulness of such services and products.
- Support other security functions and teams to ensure holistic implementation of security controls, technologies, practices, and programs.
- Perform investigations and escalation for complex or high severity security threats or incidents.
- Author and coordinate security reporting to provide system status, and report on potential and actual security violations.
- Maintain an in-depth knowledge of common attack vectors, common security exploits, and countermeasures.
- Maintain a solid working knowledge of Information Security principles and practices.
- Promote security awareness and assist with “human firewall” training, such as phishing simulations.
- Perform occasional IT process audits, such as SOX-related activities.
- Provide security consultation and guidance to the organization as appropriate.
- Collaborate with users to discuss computer data access needs, identify security threats and violations, and identify and recommend needed programming or process changes.
- Perform risk assessments, audits, and tests to ensure proper functioning of data processing activities and security measures.
- Participate in security-related project work.
- Mentor team members.
- Other related duties as assigned.
- At least 5-8 years of information security and/or IT experience, with at least 3 years in information security roles.
- 3+ years of experience leading cross-functional teams.
- Bachelor's degree (B.A.) from a four-year college or university; or one to two years of related experience and/or training; or an equivalent combination of education and experience.
- Thorough understanding of fundamental security and network concepts (operating systems, intrusion/detection, TCP/IP, ports, etc.).
- Proficient in MS Office: Outlook, Word, Excel, Teams, and Visio.
- Excellent written and verbal communications, including presentation skills.
- Flexibility to work occasionally outside business hours to support security incident response, project work, or maintenance window activities.
- Excellent organizational, analytical, and problem-solving skills.
- Impeccable confidentiality, attention to detail, and self-organization.
- Self-directed and motivated, with a positive and willing attitude.
- Familiarity with the PICERL incident response process.
- Security certifications such as CISSP, Security+, CASP, Network+, GCIH, and other GIAC certifications.
- Administration experience in a variety of security tools.
- Ability to read network traffic logs and operating systems logs.
- Scripting and programming experience.
Competencies and Skills:
- Experience with monitoring and responding to security alerts and incidents.
- A technical understanding of IT networks, server administration, and IT applications.
- Demonstrated problem-solving and analytical skills.
- Proficient, or able to gain proficiency with, a broad array of security software applications and tools.
- Thorough understanding of computer-related security systems such as firewalls, encryption, and password protection and authentication.
APi Group provides competitive compensation and benefits that support the total well-being of you and your family, as well as providing formal learning and development opportunities to continue building great leaders.