Frankfurt, Germany
At Arctic Wolf, we're not just navigating the cybersecurity landscape - we're redefining it. Our global team of dedicated Pack members is driving innovation and setting new industry standards every day. Our impact speaks for itself: we've earned recognition on the Forbes Cloud 100, CNBC Disruptor 50, Fortune Future 50, and Fortune Cyber 60 lists, and we recently took home the 2024 CRN Products of the Year award. We’re proud to be named a Leader in the IDC MarketScape for Worldwide Managed Detection and Response Services and earning a Customers' Choice distinction from Gartner Peer Insights. Our Aurora Platform also received CRN’s Products of the Year award in the inaugural Security Operations Platform category. Join a company that’s not only leading, but also shaping, the future of security operations.
Our mission is simple: End Cyber Risk. We’re looking for a Incident Response Engagement Manager (m/f/d) to be part of making this happen.
Responsibilities
Be the primary person scoping out new engagements for various types of engagements including but not limited to pre-ransomware, ransomware, network intrusion, website compromise, malware infection, business email compromise, insider threat and similar type incidents
Generate and, when necessary, revise IR Statement of Work (SOW), BAA, Service Agreement (SA), Attestation letter, insurance carrier form(s) and similar type documents
Lead assigned incident response engagements through the whole case lifecycle and be responsible for Client, Carrier, Counsel, and Partner(s) satisfaction and delivering of high quality work product.
Manage budgets on all cases, and provide SOW amendments along with reasons the amendment is needed to Client/Carrier/Counsel before we go over budget. Follow up with Client/Carrier/Counsel to make sure they understand why the amendment is needed and they remain satisfied with our work.
Work with Incident Response team managers to assign the correct team members to each case to meet the Client’s needs and balance utilization across the team.
Regularly view individual time entries to assigned cases to ensure proper entries are being made
Ensure cases are properly staffed through nights, weekends, holidays and personal time off.
Provide, or have another IR team member provide, daily updates to Client/Counsel surrounding the current status of all workstreams on the case, via email and phone call (if necessary)
Communicate regularly with technical and non-technical executives from Client/Counsel/Carrier/AW Partners, and smooth over any issues/concerns that may arise from any of those parties
Lead (with team collaboration) the creation and execution of the overall incident response plan for containment, evidence preservation, root cause analysis, remediation, restoration, data compromise investigation and threat actor communications.
Collaborate with internal AW teams and patterns to ensure we transition IR clients to long term MDR services.
Participate in weekday EM office hours
Participate in weekday EM escalation on call schedule
Participate in weekend EM on call schedule
Participate in holiday EM on call schedule
Participate in IRJS IR Planner reviews
Participate in Client tabletop exercises
Qualifications
Key Skills
Critical thinking and troubleshooting skills
Attention to detail
Organizational skills
Project management skills
Ability to multi-task on more than one case at a time
Verbal and written communication skills
Time-management skills
Documentation skills
Crisis communication skills (i.e. - deescalating)
Ability to anticipate Client needs and questions before they come up
Ability to lead and manage a diverse team of technical experts on multiple cases at a time
Stress management skills
Minimum Qualifications
6 months to 2 years of project and/or case management, technical customer service or similar type of experience
General knowledge of the Cyber Incident Response Lifecycle
Preferred Qualifications
Associate, Bachelors, or Masters Degree in Cybersecurity, Information Technologies, Incident Management, Project Management or similar
Former professional experience serving in a Client-facing role with a willingness and ability to provide a high-level of customer service in time sensitive situations, while maintaining quality standards
Experience with various operating systems, such as Windows, Linux, and Mac OS, and associated common digital artifacts
General knowledge of cyber-attack types and vectors
General knowledge of cybersecurity and cyberattack trends
Demonstrated history of being relied upon to take ownership over tasks, initiatives, and strategies, and provide communication to appropriate parties under tight timelines
About Arctic Wolf
At Arctic Wolf, we foster a collaborative and inclusive work environment that thrives on diversity of thought, background, and culture. This is reflected in our multiple awards, including Top Workplace USA (2021-2024), Best Places to Work – USA (2021-2024), Great Place to Work – Canada (2021-2024), Great Place to Work – UK (2024), and Kununu Top Company – Germany (2024). Our commitment to bold growth and shaping the future of security operations is matched by our dedication to customer satisfaction, with over 7,000 customers worldwide and more than 2,000 channel partners globally. As we continue to expand globally and enhance our technology, Arctic Wolf remains the most trusted name in the industry.
Our Values
Arctic Wolf recognizes that success comes from delighting our customers, so we work together to ensure that happens every day. We believe in diversity and inclusion, and truly value the unique qualities and unique perspectives all employees bring to the organization. And we appreciate that—by protecting people’s and organizations’ sensitive data and seeking to end cyber risk— we get to work in an industry that is fundamental to the greater good.
We celebrate unique perspectives by creating a platform for all voices to be heard through our Pack Unity program. We encourage all employees to join or create a new alliance. See more about our Pack Unity here.
We also believe and practice corporate responsibility, and have recently joined the Pledge 1% Movement, ensuring that we continue to give back to our community. We know that through our mission to End Cyber Risk we will continue to engage and give back to our communities.
Arctic Wolf is an Equal Opportunity Employer and considers applicants for employment without regard to race, color, religion, sex, orientation, national origin, age, disability, genetics, or any other basis forbidden under federal, provincial, or local law. Arctic Wolf is committed to fostering a welcoming, accessible, respectful, and inclusive environment ensuring equal access and participation for people with disabilities. As such, we strive to make our entire employee experience as accessible as possible and provide accommodations as required for candidates and employees with disabilities and/or other specific needs where possible. Please let us know if you require any accommodations by emailing recruiting@arcticwolf.com.
Security Requirements
Conducts duties and responsibilities in accordance with AWN’s Information Security policies, standards, processes and controls to protect the confidentiality, integrity and availability of AWN business information (in accordance with our employee handbook and corporate policies).
Background checks are required for this position.
This position may require access to information protected under U.S. export control laws and regulations, including the Export Administration Regulations (“EAR”). Please note that, if applicable, an offer for employment will be conditioned on authorization to receive software or technology controlled under these U.S. export control laws and regulations.
Ready to Make an Impact?
Apply now with your resume—and if available, your references or work samples. Join one of the fastest-growing and most innovative cybersecurity companies in the world.