Description:
• Lead a team of cyber security incident response and threat mitigation engineering professionals
• Be responsible for planning, designing, and operating Guardian’s cyber incident response and cyber threat mitigation operations across the areas
• Run our Corporate Incident Response Team as related to cybersecurity – coordinating actions and responses across teams
• Manage the necessary plans, playbooks, and quick reference guides, as well as out-of-band communication plans
• Engage with 1st line teams to develop muscle memory and ensure containment actions (shutdown authorities are clear)
• Coordinate with business continuity/disaster recovery teams to ensure integrated approach to large events
• Be responsible for triaging & leading cyber security incidents advanced from the security operations center
• Manage third-party incident retainers and prepare for any future engagements
• Participate in / coordinate periodic exercises with third parties
• Ensure quality of security incident handling and cyber threat mitigation work
• Ensure incidents are appropriately tracked, reported and after-action reports documented
• Ensure metrics are timely and accurate
• Drive our user behavior analytics (UBA) program, working with the business to develop and improve appropriate logging and monitoring
• Develop standard operating procedures for our 1st line SOC based on threats/observed incidents
• Proactively identify gaps and opportunities in our logging and monitoring processes
• Host monthly incident response calibration/collaboration meetings across HR, physical security, fraud, legal, compliance to collaborate on issues and shared threats and knowledge
• Communicate concisely and clearly, both in writing and orally, to various levels of the organization
• Provide strong technical understanding of security control monitoring process at different layers
• Identify (and champion where applicable) risk mitigation
• Collaborate with other leaders across cybersecurity to help define and complete cybersecurity strategy, financial, vendor and talent management
• Contribute to the enterprise organizational Data Loss Prevention program
• Lead, manage, guide, and mentor the staff on a regular basis, including selection/retention, goal setting, annual reviews, and compensation planning and career development
• Provide recommendations to management & leadership team to increase effectiveness of security technology solutions to mitigate cyber threats and handle incidents
• Respond to and assist with due diligence and internal / external security audit requests
• Identify and act on opportunities to further enhance and refine security incident handling & cyber threat mitigation processes & capabilities
Requirements:
• 7+ years broad/deep technology experience including public clouds
• 3+ years of leadership experience in a security role, preferably involving incident response
• Incident response methodologies and evidence handling
• Strong written and oral communication skills
• Experience working across functions including business, legal, HR, communications, IT
• Analytical and curious attitude
• Knowledge of threat hunting and risk mitigation
• Knowledge of NIST CSF, MITRE, and other frameworks, malware analysis concepts, types of attacks and attackers, common vulnerabilities
• Experience with financial services or regulated entities, US privacy regulations
• Ability to think in a structured and creative manner to address cyber incidents
• Ability to process cyber threat intelligence and translate into actionable mitigation techniques and strategies
• Ability to lead a diverse, high-performing team
• Ability to accelerate impact and lead positive cybersecurity change
• Good knowledge of SIEM tools (Splunk preferred) and logging/monitoring, insider and UBA concepts and application
• BS/MS in relevant experience in cyber security and/or industry related certifications desired
• A continuous & lifelong learner
Benefits:
• Support and flexibility to achieve professional and personal goals
• Skill-building, leadership development, and philanthropic opportunities
• Opportunities to build communities and grow your career