Incident Response Manager

Sorry, this job was removed at 12:39 p.m. (CST) on Monday, January 20, 2020

ActiveCampaign’s category-defining Customer Experience Automation Platform helps over 85,000 businesses in 158 countries meaningfully engage with their customers. The platform gives businesses of all sizes access to hundreds of pre-built automations that combine email marketing, marketing automation, CRM, and machine learning for powerful orchestration, segmentation and personalization across social, email, messaging, chat, and text. Over 70% of ActiveCampaign’s customers use its 300+ integrations including Shopify, Square, Facebook, Eventbrite, and Salesforce. ActiveCampaign scores higher in customer satisfaction than any other solution in both Marketing Automation and CRM All-In-One on G2.com.

As the fastest-growing SaaS company in Chicago, we are scaling rapidly to keep up with market demand. We are growing all of our teams and looking for people who share our values, deliver innovation frequently and join us in our mission to grow our customer base from 85,000 today to millions.

We are looking for an experienced Incident Response Manager to lead and manage our incident response and threat and vulnerability teams. As the Incident Response Manager, you will work with engineering teams to lead large-scale, cross-functional projects throughout the organization as well as manage incident and threat response efforts. You will be managing Incident Response and Threat and Vulnerability sub-teams.

Incident Response utilizes commercial and open-source detection tools deployed against our AWS environments. The team translates raw intelligence from public and commercial threat reports into actionable detection rules that focus on TTPs, and performs proactive threat detection and threat hunting initiatives while educating cross-organizational units on TTPs. This group is continuously focused on proactively identifying new threat exposure attack vectors across our organization.

Threat and Vulnerability Management puts heavy emphasis on automation of patching across all of our cloud-based and local assets. They also focus on threat intel and research while escalating findings to the Incident Response team. They utilize MITRE’s ATT&CK framework to reason about breadth, depth and areas for improvement. This group is continuously focused on reducing the overall threat exposure of the organization.

What your day could consist of:

  • Lead a team of Incident Response and Threat and Vulnerability analysts
  • Familiar with host and/or network-based forensics across Windows, Mac, and Linux platforms
  • Develops and maintains incident response playbooks
  • Can effectively communicate with leadership on the topics of forensics and malware analysis
  • Assess and develop information security and incident response programs in a proactive fashion to help mature the security posture
  • Lead incident response and proactive engagements
  • Manages communications in incident situations and performs escalations
  • Coordinates tabletop exercises – reports and leads improvements
  • Produce high-quality written and verbal reports, presentations, recommendations, and findings to customer management

What is needed:

  • Team leadership experience
  • Incident Response: experience conducting or managing incident response investigations for organizations, investigating targeted threats such as the Advanced Persistent Threat, Organized Crime, and Hacktivists
  • Computer Forensic Analysis: a background using a variety of forensic analysis tools in incident response investigations to determine the extent and scope of compromise
  • Network Forensic Analysis: strong knowledge of network protocols, network analysis tools, and ability to perform analysis of associated network logs
  • Incident Remediation: strong understanding of targeted attacks and able to create customized tactical and strategic remediation plans
  • Network Operations and Architecture/Engineering: strong understanding of secure network architecture and strong background in performing network operations
  • Database and Cloud Development: knowledge of AWS architecture and data store implementations such as MySQL, Postgres, Elasticsearch, and other common cloud implementations
  • Programming/Scripting: experience coding in Python, Perl, Ruby on Rails

ActiveCampaign is an employee-first culture. We take care of our employees at work and outside of work. We'll share all the details later on but in summary: comprehensive health and wellness benefits including no premiums for employees on our HSA plan, open time off plan, generous 401(k) matching with no vesting, lunch and endless snacks/beverages, reimbursed commuting, education budgets, ongoing learning and development, a proactive approach to diversity and inclusion, career pathing and lots of swag.


Location

Located in the heart of the Loop overlooking State Street, with views of the lake and Millennium Park with easy access to the Metra & CTA stations.
