Share this job SVGs not supported by this browser. Description This role may be based in New York City or Washington DC. This is a leadership role to create and grow Cyber Incident Response (CIR) in the Americas, specifically: To be an exceptional leader with the ambition, ability and commercial acumen to build a market leading CIR capability in the United States. To win a significant increase in retained and panel work, transforming our client traction and market penetration. To lead on the delivery of complex cyber incident response cases in the Americas, and elsewhere as appropriate. To oversee all aspects of regional commercial, financial, and operational management for CIR in the Americas. To recruit, develop, and manage high quality crisis management, technical forensics and client-facing resources. To work seamlessly with our global lead for CIR in London to ensure our go-to-market positioning and operational delivery is coordinated. To work side-by-side with our Threat Intelligence, Advisory, and Assurance teams to drive deeper market penetration across all parts of Digital Risks in the US. To work with the Digital Risks leadership team in the region and globally and to actively contribute to global initiatives. Tasks and responsibilities Leadership and enablement: Provide clear, visible, and energetic leadership, generating a significant step change in a growing business. Recruit, motivate and lead an America--based team on strategy, operations, people and learning and development. Ensure the regional plan is aligned to the global strategy and fully integrated into the Digital Risks and wider Control Risks business. Foster a culture of collaboration and One Firm behavior. Brand and market: Execute an ambitious US and regional market strategy, ensuring it is anchored in global priorities and focused on retained and panel channels to market. Actively promote Control Risks as a trusted cyber responder and enhance our broader credentials as a strategic advisor on cyber and technology risk. Secure and expand critical corporate, legal, insurer, and underwriter relationships in the US as a key priority, as well as through more strategic, C-suite Tier-1 buyer relationships. Execute business development initiatives supported up by clear account, sales and marking plan. Act as a brand ambassador and thought leader for Digital Risks, both internally and in the market. Delivery: Achieve major origination, with a focus on achieving a significant increase in corporate retainer and insurance/law firm panel work. Lead on the delivery of complex cyber incident response cases in the Americas, and elsewhere as appropriate. Co-develop with the global team technical response Standard Operating Procedures (SOPs), ensuring they kept up to date with the latest threats. Identify Partnership opportunities regionally/globally to drive business growth. Work with the global CIR team to identify technologies which improve efficiencies and client services. Response-specific expertise: Have led the lifecycle of a cyber incident including identification, containment, eradication and recovery and senior stakeholders through key decisions during a major incident or crisis. Expertise in threat hunting using EDR tooling to evaluate an attacker's spread through a system and network, anticipating and thwarting further attacker activity, and in live compromise assessments for organizations who suspect a compromise. Demonstratable understanding of existing and emerging threat actors, as well as experience in identifying rapidly changing tools, tactics and procedures of attackers. Deep experience in advising on the safe technical recovery of an organizations IT systems balancing the need to understand what has happened but speed up recovery. Requirements Knowledge and experience 15+ years’ experience in cyber security and related disciplines, particularly in cyber incident response. Track record of developing trusted advisor relationships with senior C-level decision makers in Fortune 500 companies and with law firms and insurers. Ability to respond to advanced threats leveraging forensics and threat hunting technology. Deep subject matter expertise, including considerable knowledge of current and emerging advanced threat actors. Significant experience of delivering high value and more commoditized CIR services in the US market. Proven experience of operating in senior security and commercial consulting roles. Qualifications and specialist skills Educated to post-graduate level or equivalent. Demonstrable commercial acumen. Proven cyber subject matter expertise derived from substantial commercial or government experience. Strong understanding of MITRE ATT&CK techniques / sub-techniques. The ability to articulate TTPs to clients in non-technical terms. Experience in engaging in industry and law enforcement intelligence forums. Experience of supporting cross-jurisdictional response cases. Qualifications such as: CREST Registered Intrusion Analyst (CRIA), Certified Network Intrusion Analyst (CCNIA), Certified Host Intrusion Analyst (CCHIA); SANS Advanced Incident Response, Threat Hunting, and Digital Forensics (FOR508) or Enterprise-Class Incident Response & Threat Hunting (FOR608); Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM) and full membership of ISACA. The base salary range for this position is $250,000-$400,000 per year. Exact compensation offered may vary depending on job-related knowledge, skills, and experience. Control Risks is committed to a diverse environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age or veteran status. If you require any reasonable adjustments to be made in order to participate fully in the interview process, please let us know and we will be happy to accommodate your needs. Control Risks participates in the E-Verify program to confirm employment authorization of all newly hired employees. The E-Verify process is completed during new hire onboarding and completion of the Form I-9, Employment Eligibility Verification, at the start of employment. E-Verify is not used as a tool to pre-screen candidates. For more information on E-Verify, please visit www.uscis.gov. Benefits Control Risks offers a competitively positioned compensation and benefits package that is transparent and summarized in the full job offer. Control Risks supports hybrid working arrangements, wherever possible, that emphasize the value of in-person time together - in the office and with our clients - while continuing to support flexible and remote working. Medical Benefits, Prescription Benefits, FSA, Dental Benefits, Vision Benefits, Life and AD&D, Voluntary Life and AD&D, Disability Benefits, Voluntary Benefits, 401 (K) Retirement, Nationwide Pet Insurance, Employee Assistance Program. As an equal opportunities employer, we encourage suitably qualified applicants from a wide range of backgrounds to apply and join us and are fully committed to equal treatment, free from discrimination, of all candidates throughout our recruitment process. Apply for this job