AVP, Incident Response

Posted 18 Days Ago
Chicago, IL
Hybrid
Senior level
Cloud • Insurance • Professional Services • Analytics • Cybersecurity
The Role
This role involves leading incident response strategies, managing the Hybrid Security Operations Center, and directing security incident response teams. The position requires collaboration with senior leadership and other stakeholders to handle information security incidents and ensure compliance with regulatory standards.
Summary Generated by Built In

You have a clear vision of where your career can go. And we have the leadership to help you get there. At CNA, we strive to create a culture in which people know they matter and are part of something important, ensuring the abilities of all employees are used to their fullest potential.
CNA seeks to offer a comprehensive and competitive benefits package to our employees that helps them - and their family members - achieve their physical, financial, emotional and social wellbeing goals.
For a detailed look at CNA's benefits, check out our Candidate Guide.
This role leads the evaluation, development, implementation, and monitoring of advanced information security strategies, tools, and technologies for effectively detecting and responding to enterprise information security incidents. These incidents may pose local, national, or global threats. The position interacts with senior leadership during critical security incidents, leads daily security operations, and directs security incident response teams, including remediation protocols. This role is the subject matter expert in end-to-end processes for computer security incident responses across the enterprise, with a focus on modern fusion center operations and the evolving threat landscape.
JOB DESCRIPTION:
Essential Duties & Responsibilities
Performs a combination of duties in accordance with departmental guidelines:

  • Establishes and governs the Hybrid Security Operations Center (SOC) and the technologies supporting it (including but not limited to SIEM, SOC Management, NDR, Case Management, and Detection Management tools).
  • Develops and manages the leadership team for managing the SOC and supporting groups.
  • Manages the MSSP relationship end-to-end.
  • Leads and manages the Computer Security Incident Response Team (CSIRT/IR).
  • Serves as the subject matter expert for all information security incident responses for the enterprise globally (including data, Third-Party, and other incidents).
  • Provides governance for and leads the information security response process.
  • Directs the response to escalated security events and drives the security incident response process on a local, national, and global level, as necessary.
  • Participates in and leads the Incident Response Committee.
  • Partners with CNA leadership on response strategies for enterprise-wide information security incidents.
  • Leads the evaluation, development, and implementation of the Incident Response Plan, information security standards, procedures, and guidelines across diverse system platforms and application environments.
  • Ensures proactive compliance with security standards across the enterprise and with global regulatory requirements (SEC, GDPR, OSFI, etc.).
  • Works with senior Technology, Legal, and business leaders on potential data breaches.
  • Collaborates with and supports Technology, Human Resources, Legal, TPRM, and other key stakeholders.
  • Provides end-to-end problem management and root cause analysis for security incidents across the enterprise.
  • Leads post-incident debriefings to identify system environment, process, and/or security standard improvements.
  • Performs and/or directs independent analysis of complex problems and threats, providing clear and decisive mitigation strategies.
  • Conducts external investigations and research in partnership with the Threat Intel team on sponsored actors in other countries to develop strategies and tactics for security responses.
  • Actively communicates with the CNA leadership team and key IT and business stakeholders on metrics, measures, and potential new threats.
  • Works with Technology leadership to proactively develop and monitor information security strategies to protect the enterprise from existing and future threats.
  • Stays up to date on current attack risks, trends, and breaches across industries through independent and collaborative research.
  • Utilizes state-of-the-art tools and analyses from leading government and information security firms to continually enhance the organization's information security readiness.
  • May perform additional duties as assigned.


Reporting Relationship
Typically reports to VP or above.
Skills, Knowledge & Abilities

  • In-depth understanding of SOC, SIEM, MSSP, DLP and the CSIRT process.
  • Proven experience with industry-standard security technologies, such as NDR, Threat Detection Management, IDS, EDR, DLP, and firewalls.
  • Proven experience applying information security principles to secure platforms and prevent threats.
  • Working knowledge of regulations (e.g., SOX, privacy, GDPR, NYDFS, OFSI, etc.) and internal controls as they apply to IT.
  • Strong understanding of malware in static and dynamic environments and mitigation strategies.
  • Superior analytical and problem-solving skills with the ability to communicate highly technical information to business leaders effectively.
  • Proven ability to influence change and adoption of information security protocols and concepts.
  • Ability to work extremely well under pressure while maintaining a professional image and approach.
  • Preferred knowledge of the insurance industry.


Education & Experience

  • Bachelor's Degree required or equivalent work experience. Master's Degree in Computer Science or a technical field preferred.
  • Minimum of ten years of information security experience, including five years of management experience.
  • CISSP, GIAC, CISM, or equivalent certifications preferred.


CNA is committed to providing reasonable accommodations to qualified individuals with disabilities in the recruitment process. To request an accommodation, please contact [email protected].

Top Skills

SIEM

The Company
HQ: Chicago, IL
7,000 Employees
Hybrid Workplace
Year Founded: 1897

What We Do

CNA is one of the largest U.S. commercial property and casualty insurance companies. Backed by more than 125 years of experience, CNA provides a broad range of standard and specialized insurance products and services for businesses and professionals in the U.S., Canada and Europe.

As a company of allies, we understand the importance of fostering an inclusive and supportive culture for all employees. Our eight Employee Resource Groups elevate the voices of underrepresented groups and champion critical DEI initiatives in the workplace and beyond. We strive to promote an environment of inclusion and continuously work to ensure all employees feel valued and respected.

Why Work With Us

CNA knows the importance of having the tools you need to expand your expertise and develop your career. With a variety of cross-discipline and cross-functional opportunities, CNA provides you with the tools and resources needed to customize your career path and understand what is needed to be effective in your role.

CNA Offices

Hybrid Workspace

Employees engage in a combination of remote and on-site work.

Typical time on-site: Flexible
HQ: Chicago, IL
Located in the heart of the Loop, CNA’s headquarters are at 151 N Franklin, in close proximity to both L and Metra stations.
