Exceed the expectations of our residential mortgage borrowers & business partners through superior service, simple processes, and effective communications.

We deliver on this mission by empowering our employees by encouraging and recognizing superior performance and innovative solutions, by promoting teamwork and divisional cooperation.
 

We are seeking an experienced Cyber Incident Response Manager to lead our onshore and offshore incident response team. This role involves coordinating and managing responses to cybersecurity incidents, conducting thorough investigations, and implementing strategies to prevent future incidents. The ideal candidate will have a background in cybersecurity, excellent problem-solving skills, and the ability to work under pressure.

• Security Analysts
• Purple Team members
• Forensic Analysts

List of required duties below. Distinguish on-site duties with an *. Examples below.

Incident Response Management*:

• Lead the incident response team in detecting, responding to, and mitigating cyber threats.
• Develop and implement incident response procedures and protocols.
• Coordinate with internal and external stakeholders during incidents.
• Conduct post-incident reviews and develop lessons learned reports.

Investigation and Analysis*:

• Perform detailed forensic analysis of compromised systems.
• Identify the root cause and impact of security incidents.
• Use threat intelligence to inform incident response activities.
• Maintain detailed records of incidents and actions taken.

Prevention and Mitigation*:

• Develop strategies to prevent future incidents.
• Implement security measures and best practices.
• Collaborate with other teams to conduct regular risk assessments and vulnerability assessments.
• Work with other teams to ensure security measures are effective.

Training and Development*:

• Train and mentor junior incident response team members.
• Develop and deliver incident response training programs.
• Stay up-to-date with the latest cybersecurity threats and trends.
• Participate in professional development activities and conferences.

Reporting and Communication:

• Prepare and present incident reports to senior management.
• Communicate effectively with non-technical stakeholders.
• Collaborate with law enforcement and regulatory bodies as needed.

*These essential functions are fundamental to the role, and must be performed on-site, as they cannot physically be performed remotely. In addition, the Company has determined that an in-person presence is important to critical components of our work, including oversight, training, collaboration, and productivity. Items not marked (*) as essential on-site, may still require partial on-site work to perform the role satisfactorily.

• Bachelor’s degree in Information Security, or a related technology or equivalent work/life experience. field.

• Minimum of 6 years of experience in cybersecurity, with at least 3 years in an incident response role.
• Strong knowledge of cybersecurity threats, vulnerabilities, and attack vectors.
• Experience with digital forensics tools and techniques.
• Excellent problem-solving and analytical skills.
• Strong communication and leadership skills.
• Relevant certifications such as CISSP, CISM, GIAC, or similar are preferred.
• Ability to work under pressure and manage multiple priorities.
• Experience with SIEM tools and intrusion detection systems.
• Knowledge of regulatory requirements and standards (e.g., FFIEC, GLBA, CCPA, NIST, ISO 27001/2).
• Familiarity with programming and scripting languages.
• Experience in a leadership or management role.

• Experience with SIEM tools and intrusion detection systems.
• Knowledge of regulatory requirements and standards (e.g., FFIEC, GLBA, CCPA, NIST, ISO 27001/2).
• Familiarity with programming and scripting languages.
• Experience in a leadership or management role.
• Excellent leadership and team management skills.
• Strong analytical and problem-solving abilities.
• Effective communication skills, both written and verbal.

While this description is intended to be an accurate reflection of the position’s requirements, it in no way implies/states that these are the only job responsibilities. Management reserves the right to modify, add or remove duties and request other duties, as necessary.

By applying to this position candidate acknowledges that this is not a remote role and is required to be on-site.

All employees are required to have smart phones that meet Company security standards with the ability to install apps such as Okta Verify and Microsoft Authenticator. Employment will be contingent on this requirement.

Company Perks:
•    15 Paid Time Off (PTO) days and 18 after 1st anniversary!
•    9 Paid Holidays
•    Casual Workplace
•    Employee Engagement Activities

 Company Benefits:
•    Medical (including Health Savings Account & Flexible Savings Account)
•    Dental - RX – Vision – Life, Disability Insurance – 401(k) Plan with company match! – Employee Assistance Plan

•    Performance-based Incentives
•    Pet Insurance

•    Advancement Opportunities

Newrez NOW:

•    Our Corporate Social Responsibility program, Newrez NOW, empowers employees to become leaders in their communities through a robust program that includes volunteering, philanthropy, nonprofit grants, and more
•    1 Volunteer Time Off (VTO) day, company-paid volunteer day where all eligible employees may participate in a volunteer event with a nonprofit of their choice
•    Employee Matching Gifts Program: We will match monetary employee donations to eligible non-profit organizations, dollar-for-dollar, up to $1,000 per employee

•    Newrez Grants Program: Newrez hosts a giving portal where we provide employees an abundance of resources to search for an opportunity to donate their time or monetary contributions

Equal Employment Opportunity 
We're proud to be an equal opportunity employer- and celebrate our employees' differences, including race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, and Veteran status. Different makes us better.

CA Privacy Policy

CA Notice at Collection