Cyber Response Manager; Cyber & Crisis background

Job Summary

Provides subject matter expertise and leadership for the day-to-day delivery of Molina enterprise cyber response/crisis management program activities. Partners closely with information technology (IT) security, business continuity, disaster response, and the Protection Services Operations Center (PSOC) team to ensure appropriate engagement and escalation protocols are in place to support business and technology incidents. Demonstrates leadership during an enterprise-wide cyber crisis event, and conducts incident after action reviews to identify strengths, improvement opportunities and track corrective actions.

Provides consultation on the design, development and deployment of scalable cyber response and crisis management solutions, tools and capabilities that align to the company’s goals and effectively address business objectives and requirements.

• Drives commitment, support, ownership, accountability and results for cyber response, incident response and crisis management activities.
• Assists with cyber response/incident management program and process documentation including policies, procedures, frameworks, templates, and creates instructions in support of the program and meeting regulatory requirements.
• Assists with documenting the standard operating procedures (SOPs), incident response playbooks, escalation protocols, etc. to facilitate response capabilities.
• Validates, tests, and identifies gaps in response strategies and communicates results to leadership.
• Reviews and provides input on select enterprise response systems, tools, and services to ensure effective planning, testing and response capabilities including out of band options.
• Conducts research and analysis to support cyber/incident response programs and projects.
• Develops and conducts employee incident response training to create awareness for areas of responsibility.
• Supports enterprise threat and cyber crisis response activities including: incident notifications and situational updates, employee emergency notifications, threat monitoring and analysis, notification of threat to appropriate stakeholders, cyber incident response team meeting coordination and minutes, state-specific incident response leadership, and support for impacted business operations.
• Prepares comprehensive, timely, and detailed response after-action reports.
• Analyzes trends across incidents and exercises to recommend improvements that may not be apparent from looking at each incident or exercise in isolation.
• Periodically tests and ensures readiness of continuity tools, including tools for out-of-band notification or incident communications.
• Establishes and maintains communication with enterprise crisis management, incident response team, and state-specific response team members.
• Coordinates with cyber response teams, the Chief Information Security Officer (CISO), legal, privacy, and the Protection Services Operations Center (PSOC) to respond to and support cyber crisis situations.
• Develops, enhances, and improves enterprise crisis management, cyber response while supporting incident plans and state-specific response plans; ensures annual plan compliance requirements are achieved.
• Assists in development of metrics and measurements supporting response programs evolution, validation, and business awareness.
• Implements processes, procedures and systems that will help ensure that the company’s continuity capabilities remain in compliance with all laws, regulations, and best practices.
• Assists in the evaluation, design and deployment of integrated systems and technology that support response, intelligence, service delivery and organizational strategy.
• Maintains roster of cyber crisis management and incident response team members.
• Conducts annual training of all crisis management and incident response plans as changes are made to each location team; prepares comprehensive, timely, and detailed test reports.
• Maintains lessons learned and remediation tracker; ensures response items requiring remediation are resolved within a timely manner.

• At least 6 years of operational experience across multiple cybersecurity disciplines and crisis management, including at least 3 years of corporate business experience in cyber response, incident response, crisis management, and/or disaster recovery, or equivalent combination of relevant education and experience.
• Experience conducting risk assessments, business process or control auditing.
• Strong documentation skills, including detailed tracking, executive briefing, and reporting skills.
• Practical understanding of technical/security concepts including network architecture design, logical access controls, vulnerability management, encryption, and cloud computing.
• Strong problem‑solving and analytical abilities, including the ability to critically evaluate information gathered from multiple sources, reconcile conflicts, decompose high‑level information into details and apply sound business knowledge.
• Strong…