Cyber Incident Manager
Company: West Nyack - THQ
Location: West Nyack
Posted on: April 7, 2026
Job Description:

Overview

The Salvation Army, an international movement, is an evangelical part of the universal Christian Church. Its message is based on the Bible. Its ministry is motivated by the love of God. Its mission is to preach the gospel of Jesus Christ and to meet human needs in His name without discrimination. We are the largest non-governmental provider of social services in America and every year, we help over 30 million Americans overcome poverty, homelessness, addiction, economic hardships, loneliness, and exploitation through a wide range of programs and services.

Our Eastern Territorial Headquarters' Information Technology Department has an opening for a Cyber Incident Manager. This position will lead the response to cyber incidents, ensuring they are handled promptly and efficiently to minimize damage and reduce recovery time and costs. They play a pivotal role in coordination with various internal and external stakeholders to manage the incident lifecycle from preparation to post-incident review through identification, containment, eradication, recovery, and lessons learned. This position is integral to the cybersecurity framework, serving as the frontline defense against incidents that can compromise sensitive data, disrupt business operations, and damage the organization's reputation.

The Cyber Incident Manager is not just a technical role. The role is a strategic position that requires a blend of technical acumen, leadership skills, and business understanding to appropriately address incidents while maintaining customer engagement. This individual is critical in ensuring the organization's resilience against ever-evolving cyber threats.

This position requires approximately 35 hours of work per week and is eligible for a hybrid work arrangement (3 days onsite/2 days remote) after three months of employment.

Responsibilities

* Incident Leadership: The Cyber Incident Manager is responsible for
taking command during cybersecurity events, orchestrating response efforts, and promptly addressing incidents. This involves quick decision-making, prioritizing tasks, and directing response teams effectively.
* Strategic Planning and Preparedness: Beyond reactive measures, this role demands proactive planning and preparedness. This includes developing, maintaining, and regularly updating incident response plans, ensuring the organization is equipped to handle various cyber incidents. It also involves conducting risk assessments and scenario planning (tabletop exercises) to anticipate potential threats and vulnerabilities.
* Coordination and Collaboration: The position requires extensive coordination with various internal departments (e.g., IT, Legal, HR, and public relations) and external entities (such as law enforcement, cybersecurity firms, and regulatory bodies). This coordination is crucial for a holistic approach to incident management, encompassing technical response, legal compliance, internal and external communications, and post-incident recovery.
* Technical Expertise and Analysis: The Cyber Incident Manager should deeply understand the cyber threat landscape, including the latest trends in cyber-attacks and defense strategies. They are expected to analyze incident patterns and weaknesses, offering insights that drive improvements in the organization's cybersecurity posture.
* Stakeholder Engagement: Effective communication with stakeholders, including executive leadership, is a key aspect of this role. The Cyber Incident Manager must be able to translate complex technical incidents into understandable terms, advising on the impact, necessary actions, and implications for the business.
* Continuous Improvement and Learning: Post-incident analysis is a critical function. Learning from incidents to improve systems, processes, and training is essential. This role involves regularly reviewing and refining incident response strategies, staying informed about new technologies and methodologies in cybersecurity, and integrating these into the organization's practices.
* Regulatory Compliance and Documentation: Ensuring that incident response activities adhere to legal and regulatory requirements is paramount. The Cyber Incident Manager maintains comprehensive records of incidents, responses, and outcomes for compliance purposes, audits, and continuous improvement.
* Risk Mitigation: By effectively managing cyber incidents, this role directly contributes to reducing the risk and impact of cyber threats on the organization.
* Operational Continuity: Ensuring rapid and efficient response to incidents minimizes downtime and maintains business operations, which is crucial for the organization's success and reputation.
* Compliance and Trust: Adherence to compliance standards and effective incident handling enhances the organization's credibility and trust among clients, partners, and regulatory bodies.

Qualifications

* Bachelor's degree from four-year college or university.
* 3-5 years of related experience.
* Technical Skills:
  - Digital Forensics & Incident Response (DFIR)
  - Security Information and Event Management (SIEM) (e.g., Splunk, Sentinel, QRadar)
  - Intrusion Detection/Prevention Systems (IDS/IPS)
  - Endpoint Detection & Response (EDR) (e.g., CrowdStrike, Darktrace, SentinelOne)
  - Network Traffic Analysis & Packet Capture (Wireshark, etc.)
  - Malware Analysis & Reverse Engineering (basic to intermediate)
  - Log Correlation and Threat Hunting
  - Firewall, Proxy, and IDS Log Analysis (e.g., Fortinet, Meraki)
  - Threat Intelligence Integration and Analysis
  - Email Header and Phishing Analysis
  - Security Orchestration, Automation, and Response (SOAR) platforms (e.g., Palo Alto XSOAR, Swimlane)
  - Forensics Tools: EnCase, FTK, Autopsy, Volatility
  - Threat Intel Platforms: Recorded Future, ThreatConnect, MISP
  - Ticketing Systems: ZenDesk, ServiceNow, Jira, Remedy
* Framework Proficiency:
  - Incident Response Lifecycle (NIST SP 800-61, PICERL model)
  - Knowledge of MITRE ATT&CK Framework
  - Vulnerability Management & Prioritization
  - Disaster Recovery & Business Continuity Planning (e.g., DR/BC, BIA)
  - Risk Assessment & Gap Analysis
  - Change Control and Root Cause Analysis (RCA)
* Regulatory, Compliance, and Privacy Awareness:
  - HIPAA, PCI-DSS, NY SHIELD, GDPR, CCPA, CJIS, etc.
  - SOX ITGC Controls and Audit Support
  - Cyber Insurance (CLI) & Legal Considerations in Breach Response
  - Chain of Custody and Evidence Handling
* Leadership and Management Skills:
  - Relevant certifications (e.g., CISSP, CISM, GCIH, GCFA, CRISC).
  - Collaboration: Confluence, MS Teams, Slack, Monday.com, Telegram (war room coordination)
  - Strong leadership and decision-making.
  - Excellent communication and interpersonal skills.
  - Deep understanding of cybersecurity frameworks and standards.
  - Ability to work under pressure and handle crises effectively.

What We Offer

* Generous Medical, Dental, Vision Benefits
* TSA paid Life Insurance for Employees
* Additional life insurance options for employees
* On-site cafeteria
* Paid Time Off - Vacation, Sick, Personal day
* 403(b) retirement savings plan
* Non-contributory Pension Plan
* Professional Development
* Free, on-site Fitness Center
* Federal holidays
* Opportunities to give back and support our communities

All qualified applicants will receive consideration for employment without regard to race, color, sex, national origin, disability or protected veteran status.

Compensation details: 95000-100000 Yearly Salary

Keywords: West Nyack - THQ, Tenafly, Cyber Incident Manager, IT / Software / Systems, West Nyack, New Jersey