Finance and Economics IT Management & Business Others
3 - 5 Years
Incident Response Manager - Global Security Incident Management
The Incident Response Manager - Global Security Incident Management will report to the Senior Manager of Global Security Incident Management.
An Incident Response Manager will have a hybrid role covering both the strategic incident response program as well as acting as an escalation point for IR teams and providing operational incident management services during high priority cyber security and fraud incidents spanning multiple business units with high exposure to senior stakeholders.
An Incident Response Manager is expected to have a deep understanding of elements of frameworks (ITIL, NIST, ACFE etc) relating to incident response and be able to translate these best practises into practical and effective policies and procedures fit for purpose at Booking.com. Alongside this iterative program work, Incident Response Manager will be measuring and reporting on the effectiveness of the various incident response teams within the Security & Fraud department in order to target training and process improvements on areas that actually need it and support those steps with relevant data points.
An Incident Response Manager will be expected to be on call for at least 1 week per month and will have to be flexible with working hours given the nature of the role. The Incident Response Manager will be called upon to coordinate efforts during incident response when high priority security or fraud incidents occur. The Incident Response Manager is responsible for the entire end to end management of an incident from the preparation phase right through to the post incident activities driving containment and remediation of incidents and escalating to the Crisis Management Team when necessary.
An Incident Response Manager will at times be in contact with senior leadership both within booking and the broader Booking Holdings organization, to ensure transparency and clarity of the current state of events, so the ability to communicate clearly and concisely, both in written and verbal form, is crucial to the role's success
Acts as Incident Manager for critical cyber and fraud incidents with high business impact including 24/7 on-call for at least 1 week per month.
Drives incident response program elements to ensure IR effectiveness and readiness.
Ensures that key stakeholders are kept up to date on key developments in a timely manner during IR.
Facilitates onboarding and table top exercises to support continuous improvement and increase maturity level of IR capability.
Is connected with emerging threats, security flaws, and vulnerabilities
Consult with incident response teams to ensure that they are adequately prepared for incident response activities.
Creates and facilitates workshops and training sessions for teams with specific improvement areas regarding IR activities.
Collaborates with problem management functions to ensure that retrospective findings are remediated.
Communication and Partnerships
Develops relationships with key security partners across Booking.com.
Ensures to effectively receive buy-in from key stakeholders both within the Security department and across the business on strategic IR program initiatives.
Carries out regular reporting with clarity and key insights providing solutions and accurate timelines.
Actively builds and leverages a network across the industry.
Innovation and Excellence
Identifies (both proactively and reactively) opportunities to improve incident management/response processes.
Takes the lead and holds capability area leads accountable for improving incident detection, response, and remediation.
Continually iterates on existing governance mechanisms to adhere to both industry best practices and ensure that it fits in with Booking.com operations.
Identifies new tooling opportunities, building business cases and escalating as appropriate.
Leadership - technical / non-technical
Demonstrates strategic mindset and ability to input into the 2-3 year roadmap for the functional area.
Leader within the Security organization and contributes to broader strategic projects to improve overall security posture.
Role models Incident Management best practices during IR activities identifying potential IM talent within the organisation.
Identifies vendor opportunities effectively manages them as needed.
5+ years' relevant experience
Bachelors/Masters Degree in a relevant field (Computer Science, Criminology, Homeland Security, or equivalent experience in academia, business, or government.
Certification of cybersecurity, Forensic, and Incident response is a plus (CISSP, ECSA, GISP, GCIH, GCFE, GCFA)
Experience with incident management in a fast-paced and highly dynamic environment
Incident management skills: able to set priorities, pursue multiple threads at the same time, accurately reflect current state and drive towards desired state
Experience of being on-call and working flexible hours
Excellent written and verbal communication skills are required, including the ability to communicate technical concepts clearly and effectively
Experience communicating with senior stakeholders in high pressure situations
Thrives within a global and inclusive working environment
Knowledge of frameworks such as PCI, SOX, NIST, ITIL and GDPR is advantageous
This can be a stressful, pressure-packed job. We need you to be flexible, adaptable and down-to-earth and an expert in multi-tasking
Bachelor’s degree in computer science or related field or equivalent experience.
Living and working in Amsterdam, one of the most cosmopolitan cities in Europe
Contributing to a high scale, complex, world renowned product and seeing real-time impact of your work on millions of travellers worldwide
Working in a fast-paced and performance driven culture
Opportunity to utilize technical expertise, leadership capabilities and entrepreneurial spirit
Promote and drive impactful and innovative engineering solutions
Technical, behavioural and interpersonal competence advancement via on-the-job opportunities, experimental projects, hackathons, conferences and active community participation
Competitive compensation and benefits package and some great added perks of working in the home city of Booking.com
We value Diversity of all types and in an open, dynamic workplace. This has been a pillar at Booking.com since day one, and something we continue to strongly believe in and build today.
Booking.com is proud to be an equal opportunity workplace and is an affirmative action employer. All qualified applicants will receive consideration for employment without regard to race, colour, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status. We strive to move well beyond traditional equal opportunity and work to create an environment that allows everyone to thrive.