Cyber Security Incident Response Manager

US-IA-Des Moines
Job ID
Information Technology
Requires Non-Compete?

Job Summary

Career Opportunity: Wellmark is hiring for the new position of Cyber Security Incident Response Manager. In this role, you will coordinate and administer the efforts on behalf of Wellmark's Incident Response Plan (IRP). You will be responsible for continuous monitoring and updating of the plan. In addition, you will conduct incident response training for key staff members across Wellmark and provide instructional and informational materials on how staff are expected to respond to an incident.


Our Ideal Candidate: You are a strong verbal and written communicator first and foremost, and feel comfortable communicating with various levels in the organization, including Senior Leadership. You consistently remain level-headed in stressful situations. You have extremely strong attention to detail. You have a love of learning, catch on to new concepts quickly, and consistently and proactively keep up to date on changes in the security environment.


Core Competencies:

  • Accountability: Owning and taking responsibility for one’s actions.
  • Business Acumen: Understanding industry, market, financial and company specific operations.
  • Collaboration and Communication: Working together; listening to others' ideas; communicating accurately and concisely.
  • Decision Making: Considering all facts and impacts when making decisions.
  • Focus on the Customer: Consistently doing what is in the best interest of our customer. Leaving a positive impression on the customer by elevating their experience; making it simpler and educating them to help them understand.

Minimum Qualifications Required (all must be met to be considered)

  • Bachelor’s degree or equivalent combination of applicable experience
  • Minimum 6 years of experience to include any combination of the following:
    • Solid understanding of incident response, threat modeling, and common attack vectors.
    • Solid knowledge of computer networks and common protocols: TCP/IP, UDP, DNS, FTP, SSL/TLS, HTTP, etc.
    • Experience providing education or training on the topic of cyber/information security
    • Experience developing proactive testing drills for Security, the Technology Division, and/or across the enterprise
  • Understand the value of artifacts that reside within endpoint, network, and application logs
  • Strong collaboration skills and an ability to lead cross-functional teams through informal leadership
  • High attention to detail
  • Demonstrated experience communicating complex security issues to senior leadership, both written and verbal
  • Strong analytical skills to obtain relevant information, identify essential elements, and examine inconsistencies, then identify causes and key factors and identify alternative solutions.
  • Demonstrated experience providing advice and counsel to stakeholders.

Hiring Specifications Preferred


  • Bachelor’s degree
  • Security/Forensic-specific certifications - SANS Global Information Assurance Certification (GIAC)
  • Experience facilitating an Incident Response Plan (IRP)
  • Experience with NIST Cyber Security Framework (CSF)

Job Accountabilities

a. Oversee the coordination efforts of Wellmark's Incident Response Plan (IRP). Will be responsible for the continuous monitoring and updates of the plan, including providing status updates and communications to leadership and key stakeholders.

b. Responsible for responding to critical incidents and coordinating their resolution. Continuously look to improve and challenge existing processes and procedures in a very agile and fast-moving information security environment. Collaborate and engage with subject matter experts throughout Information Security to find enhancement opportunities and improve the information security protocols and processes.

c. Conduct incident response training for key staff members in key functional areas. Provide instructional and informational materials on how staff are expected to respond during an emergency. Assist divisions in the assignment and training of staff. Develop and maintain standards and procedures for incident response documentation. Maintain a library of response support and business resumption procedures and integrate it into BCP/DR.

d. Collaborate with IT and vulnerability on performing risk analysis to proactively identify points of vulnerability and recommend avoidance and reduction strategies. Provide guidance to and coordinate the efforts of staff members in the development of system and organizational procedures for incident response.

e. Document and communicate findings to key stakeholders.

f. Serve as a Corporate Information Security Liaison with the Enterprise Business Continuity (EBC) group.

g. Other duties as assigned.

