VP Cyber Security Incident Detection & Response

If you are motivated and believe in the credit union philosophy of "People Helping People," join our team!

Position Overview:

The Vice President of Cyber Security Incident Detection & Response is a management role responsible for overseeing and managing the Security Incident Detection and Response function. This manager will lead a high-performing team tasked with incident detection, triage, investigation, and response, SIEM engineering, and digital forensics. The position reports directly to the Senior Vice President of Security Operations Center and Assurance.

Essential Responsibilities:

• (25%) Lead, mentor, and develop a team of security professionals dedicated to incident detection, triage, investigation, response, SIEM engineering, and forensics.
• (20%) Oversee the design, implementation, and optimization of security incident detection and response processes, ensuring rapid and effective containment and resolution of threats. Lead post-incident reviews and root-cause analyses to drive continuous improvement in security posture and incident handling.
• (15%) Develop and maintain incident response plans, playbooks, and escalation procedures aligned with industry best practices. Collaborate with cross-functional teams, including IT, legal, compliance, and risk management, to coordinate incident response efforts and ensure regulatory compliance.
• (15%) Manage and enhance the Security Information and Event Management (SIEM) infrastructure to ensure comprehensive monitoring, threat detection, and actionable alerting.
• (10%) Provide regular reporting and updates to executive leadership regarding incident trends, response effectiveness, and emerging threats.
• (15%) Stay abreast of the latest cybersecurity trends, attack techniques, and technologies to continuously improve the team’s capabilities. Foster a culture of proactive threat hunting and ongoing training within the incident response team.

Required Education & Experience (Knowledge, Skills, & Abilities):

• Bachelor’s degree and 7 years of direct experience with at least 1 year of experience in a leadership role. Must have Information technology and/or financial Institution or related field experience.
• 7 total years of experience in cybersecurity with 5 years of incident response, SOC operations or related field.
• Expertise with security incident management:
  • collection, detection, triage, investigation and response
  • collection monitoring
  • proactive threat hunting
  • SIEM and detection engineering
  • Reporting and metrics

Preferred Education & Experience (Knowledge, Skills, & Abilities):

• Bachelor’s degree in computer science, Information Security, or related field
• 7 total years of experience in cybersecurity with 5 years of incident response, SOC operations or related field. With 2 years in a supervisory or lead role.
• Relevant certifications (e.g., CISSP, CISM, GSOM, GCIA, GCIH, GCFA) or other relevant industry certification and/or desire to obtain such certifications.

Job Environment & Physical Requirements:

• Hybrid work environment; 2 days on location in Raleigh, NC
• Able to work all hours scheduled, including unscheduled overtime as directed by manager/supervisor and required by business need.

SECU provides equal employment opportunity to all qualified persons regardless of race, color, religion, age, sex, sexual orientation, gender identity, national origin, genetic information, disability, veteran status, or other classification protected by law.

Disclaimer

State Employees' Credit Union reserves the right to fill this role at a higher/lower level based on business need.