Job description

Overview Come join us at Con Edison as a Systems Manager - Cyber Security Manager! We are seeking a highly skilled and motivated individual to join our growing team. In this role, you will be leading cyber response efforts across both OT and IT environments. You will oversee enterprise-wide forensic collections, manage large-scale response efforts, develop and mentor a high-performing team, and present findings to senior leadership to drive strategic decision-making. Responsibilities Core Responsibilities • Lead enterprise forensic collections across IT and OT environments, ensuring accurate and thorough acquisition of evidence. • Analyze and interpret data to identify indicators of compromise, attack vectors, and root causes. • Provide recommendations for corporate incident response plans and post-incident reviews. • Present findings and strategic recommendations to executive stakeholders in a clear and concise manner. • Continuously evaluate and improve forensic response processes, tools, and methodologies. • Develop and lead a team of incident response and forensics professionals, providing guidance, mentorship, and ongoing training to build a high-performing team. • Serve as a technical SME for more junior members of the forensics team. • Collaborate with other cybersecurity teams (e.g., Red Team, vulnerability management, CSOC) to enhance overall detection, response, and mitigation efforts. • Act as the primary point of escalation for large cybersecurity events. • Ability to preserve digital evidence, through industry standard best practices. • Perform reverse engineering malware and conducting static and dynamic analysis of files when required. • Perform detailed network analysis utilizing open-source and commercial tools. • Ability to utilize social media/open source for research. • Identify digital artifacts in a wide range of mobile, embedded, desktop, and server architectures. • Research various Cybersecurity Technologies and work with SMEs to make recommendations. • Maintain and improve forensics laboratory. Qualifications Required Education/Experience • Master's Degree and a minimum of five (6) years of Digital Forensics, Incident Response, or other related DFIR experience • Bachelor's Degree and a minimum of five (8) years of Digital Forensics, Incident Response, or other related DFIR experience Relevant Work Experience • Previous Digital Forensics/Incident Response experience required. • Proficient in using known commercial and/or open source, incident response and forensic software. • Understanding of industry standard policies, processes, and procedures • Understanding of chain of custody • Previous experience creating timelines and completing a root cause analysis. • Proficiency in collecting, analyzing the evidence collected and creating reports based on the findings to different stakeholders: (Technical, Executive, etc.) • Knowledge of current and evolving cyber threat landscape. • Understanding of OT systems, protocols, and industrial control systems (ICS) • Ability to remain agile and work in a fast-paced environment. • Highly organized and detail oriented. • Demonstrated analytical and impact analysis skills. • Ability to handle multiple priorities effectively. • Strong ethical standards and commitment to maintain confidentiality Skills and Abilities • Strong verbal communication and listening skills • Demonstrated written communication skills • Demonstrated analytical skills • Must be proficient in Microsoft Office including Word, Excel, Outlook and PowerPoint, etc. Licenses and Certifications • Driver's License Required • Other: Relevant DFIR certifications such as GCIH, GCIA, GCFE, EnCE, GREM, CFCE or similar. Additional Physical Demands • Must be able to respond to Company emergencies by performing a System Emergency Assignment to restore service to our customers. • Must be able and willing to travel within Company service territory, as needed. • Must be available 24/7, on call, and/or participate in off-hour emergency response activities as required

Requirements