JOB SUMMARY The Director, Security Operations will be primarily responsible for the 24x7 operations of the Cyber Security Operations Center (SOC). Reporting to the VP, Digital Risk Management, the Director's other responsibilities include security event response management (identification, triage and response to security breaches) and SOC metrics design and reporting, covering SOC performance, efficiency, capacity and security controls, as well as apparent attacks, breaches, and other pertinent data for review with stakeholders and executive management. The Director sets department direction, motivates staff to achieve that direction, and contributes to the strategy and direction of Information Security solution delivery and operationalization.
The Director, Global Cyber Security Operations has strong and demonstrable hands-on expertise in Managed Security Service Provider, network security monitoring and incident response. They will lead the following areas: Predictive Monitoring, Threat and Vulnerability Management, Threat Hunting and Cyber Security Risk Assessments. This will be accomplished by pulling together information from a variety of systems and normalizing and correlating that information. The SOC provides real-time (or near real-time) detection and reaction services for information security incidents within the company. Decision making is one of the most important traits.
Perform in-depth network security analysis and work with the SOC analyst team conducting incident response, event analysis and threat intelligence for the corporate enterprise
Provide both strategic analysis and near real-time auditing, analyzing, investigating, reporting, remediation, coordinating and tracking of security-related activities for the corporate enterprise
Analyze data and prepare reports that document vulnerabilities from network-based attacks and recommend actions to prevent, repair or mitigate these vulnerabilities
Provide technical mentoring to other team members
Provide technical expertise on post-event network security logs and trend analysis
Review security events that are detrimental to the overall security posture; analyze and detect sophisticated and nuanced attacks, discern false positives, and provide results to management
Perform correlation of events from a variety of network, enterprise and host collection sensors
Coordinate and liaise with other departments within the company and external auditors with information regarding intrusion events, security incidents, and other threat indications and warnings information
Demonstrate both technical acumen and critical thinking abilities
Experience with trouble ticketing and change management tools
Coordination and escalation of issues to the Incident Response team
Provide detection and response to security events and incidents within the Network
Web application vulnerability scanning
Security log management and monitoring
Intrusion detection and prevention systems operations
Maintaining information security metrics
Bachelor’s degree in computer science + or a related discipline
15+ years of IT experience and a minimum of 10 years of management experience, preferably in security
CISSP, CISM, GIAC certifications highly desirable
Security log management
Strong analytical, documentation, and communication skills
Strong understanding of IDS & IPS technologies
Strong understanding of Windows event log analysis
Experience with enterprise information security data management tools
Understanding of network traffic analysis
Must possess planning, organizational, and motivational skills, and be able to write clearly and succinctly in technical and non-technical formats.
Ability to speak both extemporaneously and in formal settings.
Experience in root cause analysis, industry benchmarking, survey evaluation and data interpretation is required.
Have the ability to apply logic and reason to solve complex problems.
Able to infuse innovation and creativity into strategic plans.
Possess knowledge in the areas of emergency/disaster management, physical security, critical incident stress management, risk management and business resiliency.
Familiar with emergency procedure protocols and regulatory interfaces.
Experience in leading a team.
Strong analytical, critical thinking and problem-solving skills.
Ability to establish and maintain cross-functional and positive working relationships.