Security Incident Detection & Response Manager

Remote position (only for professionals based in Argentina or Uruguay)

RYZ Labs is currently seeking a Security Incident Detection & Response Manager to join the team of our partner, a major company in the hospitality industry. This professional will be a part of the Information Security team and will report to the head of Information Security. The role entails leading and developing the Security and Incident Response function.

Responsibilities:

- You will help improve the ability to detect and quickly respond to security incidents across cloud platforms, infrastructure, and SaaS-based enterprise environments.

- Drive the monitoring and detection strategies, covering the product and internal & 3rd party services.

- Develop and maintain the Incident Response policy, procedure, and playbooks.

- Build automation & orchestration workflows to automate SOC processes.

- Direct daily operations of the threat detection and incident response function, analyzing workflows and logs, establishing priorities, developing standards, and setting deadlines.

- You will lead security incident response and participate in forensic activities.

- Improve our detective controls through the use of threat-hunting and cyber threat intelligence.

- Participate in on-call rotation and lead security incident response.

- Oversee the administration, configuration, and maintenance of the SIEM system.

- Develop and maintain correlation rules, queries, dashboards, and reports within the SIEM system.

- Develop and maintain SOC Policies, procedures, playbooks, and best practices.

- Manage direct report(s) and drive team success by setting clear goals, providing feedback, and overseeing applicable staffing actions.

- You will frequently interact with security leadership, product and engineering, IT, infrastructure/platform, compliance, internal audit, and legal teams.

- Lead the identification, assessment, and prioritization of vulnerabilities across systems and networks.

- Develop and deliver security awareness training programs for employees.

Requirements:

- The ideal candidate will have experience across a range of cloud security technical disciplines and may have had past jobs such as Detection & Response lead, Threat, & Vulnerability Management (TVM) engineer, or other real-world Blue or Red team responsibilities.

- Direct experience leading security incident management, including monitoring, detection, response, and threat-hunting functions across Enterprise and Product services.

- Someone who has led a roadmap for automation and orchestration to help scale and mature security incident response activities.

- Ability to summarize events and incidents effectively to technical and non-technical audiences including executives, legal counsel, compliance partners, and other stakeholders.

- Customer service-oriented person with a problem-solving attitude.

Basic Qualification:

- 8+ years of relevant experience working in IT or Information Security in a cloud-first environment; with a minimum of 5 years of experience directly, working in a dedicated incident response, threat & vulnerability management, or digital forensics role.

- Bachelor’s degree in Computer Science, Programming, or related field, or equivalent combination of education and experience.

- Relevant Professional certifications such as CISSP, GCIA, GCIH, OSCP, or similar are highly desirable.

- Experience with the Mitre Att&ck Framework and associated tactics and techniques or other threat modeling exposures.

- Proficient in Network and Security technologies.

- You have experience using log and data analysis platforms such as Splunk, Sumologic, Datadog, Grafana, etc.

- Familiarity with Crowdstrike and AWS security tooling in cloud environments or similar products and services.

- Nice to Have: Programming skills, Experience with Kubernetes, AWS Certifications, Static and/or Dynamic code analysis tooling, Experience writing SDLC-related policy.

About RYZ Labs:

RYZ Labs is a startup studio built in 2021 by two lifelong entrepreneurs. The founders of RYZ have worked at some of the world's largest tech companies and some of the most iconic consumer brands. They have lived and worked in Argentina for many years and have decades of experience in Latam. What brought them together is the passion for the early phases of company creation and the idea of attracting the brightest talents in order to build industry-defining companies in a post-pandemic world.

Our teams are remote and distributed throughout the US and Latam. They use the latest cutting edge technologies in cloud computing to create applications that are scalable and resilient. We aim to provide diverse product solutions for different industries, planning to build a large number of startups in the upcoming years.

At RYZ, you will find yourself working with autonomy and efficiency, owning every step of your development. We provide an environment of opportunities, learning, growth, expansion and challenging projects. You will deepen your experience while sharing and learning from a team of great professionals and specialists.

Our values and what to expect:

- Customer First Mentality - every decision we make should be made through the lens of the customer.

- Bias for Action - urgency is critical, expect that the timeline to get something done is accelerated.

- Ownership - step up if you see an opportunity to help, even if not your core responsibility.

- Humility and Respect - be willing to learn, be vulnerable, and treat everyone that interacts with RYZ with respect.

- Frugality - being frugal and cost conscious helps us do more with less.

- Deliver Impact - get things done in the most efficient way.

- Raise our Standards - always be looking to improve our processes, our team, our expectations. Status quo is not good enough and never should be.