Willis Towers Watson Incident Readiness & Response Manager in Nashville, Tennessee

Incident Readiness & Response Manager

Date Posted: May 17, 2018


Not ready to Apply? at https://willistowerswatson.avature.net/WTWTalentNetwork


The Role

As an Incident Response Lead, you will be working as part of the WTW Cyber Defense team, identifying, managing and ultimately, responsible for the management of Security incidents across the business. You will take ownership of incidents that occur and proactively manage or remediate with finesse as they happen. Ideally, you’d be in a Senior Security analyst role, where you would have/had experience working within a Security operational position across Incident Handling, Threat Actors and Vulnerability Management. As a Team lead, you will be looking to continuously improve the programmer and function of Security and assist in its development.

You will work on a geographically diverse team to respond to threats that may arise against our infrastructure, and track incidents to closure, working across functional teams. Periodically, you will be required to participate as an escalation point of contact in the On-Call rotation, to ensure that Security Operations can respond to priority incidents in a timely manner, and you may be called upon to work outside of business hours in the event of a major security crisis.

  • Identifying external threats through tool alerts and logs made available by the Cyber Systems and Cyber Defense teams

  • Consuming and exploiting intelligence produced by the WTW Cyber Defense Centre

  • Reporting findings to WTW CISOs impacted by Cyber threats

  • Providing tactical and strategic recommendations for preventative controls to the Cyber Defense and Vulnerability Management teams based upon incident response findings and trends in realized threat activity

  • Requesting custom development for analytics and SIEM enhancement from the Cyber Systems team

  • Monitors security estate for actionable alerts across the WTW network

  • Responds to detected incidents from initial detection, through containment and remediation

  • Communicates findings to stakeholders along with recommendations on posture improvements

  • Performs threat hunting to discover otherwise undetected threats while creating new detection logic to improve base operations

  • Assist in the preparation of monthly security metrics for Information Security Leadership

The Requirements

• Educated to degree level or equivalent (Essential)

• Hold professional qualifications in a related subject e.g. CISSP, Security+, GSEC, GCIH, CEH, or GCIA certification

• Deep understanding of Security Operations Centre and Security Incident Response Team protocols and procedures.

• The ability to analyse event and systems logs, perform forensic analysis, analyse malware, and other incident response related data, as needed.

• Familiarity with intrusion detection systems and tools.

• Knowledge of attack vectors, threat tactics and attacker techniques.

• Understanding of Windows and Linux operating systems and command line tools.

• Enterprise level analysis and defence experience are a plus.

The Company

Willis Towers Watson is a leading global advisory, broking and solutions company that helps clients around the world turn risk into a path for growth. With roots dating to 1828, Willis Towers Watson has 40,000 employees serving more than 140 countries. We design and deliver solutions that manage risk, optimize benefits, cultivate talent, and expand the power of capital to protect and strengthen institutions and individuals. Our unique perspective allows us to see the critical intersections between talent, assets and ideas – the dynamic formula that drives business performance. Together, we unlock potential. Learn more at willistowerswatson.com .

Willis Towers Watson is an equal opportunity employer

Willis Towers Watson is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to, among other things, race, color, religion, sex, sexual orientation, gender identity, national origin, age, status as a protected veteran, or disability.

Equal Employment Opportunity: Know your rights. at http://www.dol.gov/ofccp/regs/compliance/posters/pdf/eeopost.pdf

Unsolicited Contact : Any unsolicited resumes/candidate profiles submitted through our web site or to personal e-mail accounts of employees of Willis Towers Watson are considered property of Willis Towers Watson and are not subject to payment of agency fees. In order to be an authorized Recruitment Agency/Search Firm for Willis Towers Watson, any such agency must have an existing formal written agreement signed by an authorized Willis Towers Watson recruiter and an active working relationship with the organization. Resumes must be submitted according to our candidate submission process, which includes being actively engaged on the particular search. Likewise, for our authorized Recruitment Agencies/Search Firms, if the candidate submission process is not followed, no agency fees will be paid by Willis Towers Watson. Willis Towers Watson is an equal opportunity employer.


Not ready to Apply? at https://willistowerswatson.avature.net/WTWTalentNetwork


  • Share on Facebook

  • Share on Twitter

  • Share on Google+ Share on Pinterest

  • Share on Linkedin

  • Share by Mail


  • Location:Nashville, TN, USPhiladelphia, PAIpswich, EnglandReigate, England

  • Date Posted:May 17, 2018