Director Cyber Threat Operations

Job ID: 2446280
Location: San Francisco, CA
Category: Information Technology, Telecommunications
Salary: per year
Employment Type: Full time
Posted: 12.07.2017

Job Description:

Looking for a Director over Cyber Security Risk Operations and Cyber Event Threat Operations

Full relocation, $10 Billion company, 4,500 employees

This role is all about threat incident response, forensics, SOC, event detection, and IAM automation service delivery. You will build up this area from scratch, staff it, and grow it. 4 direct reports (managers).

RESPONSIBILITIES

Envision, define, design, build, staff, and deliver to customers and stakeholders services to anticipate, detect and stop sophisticated cyber threats, conduct digital forensics investigations, detect and block appropriate use standard violations, recover from technology and facility continuity risk events, maintain and support all technical security and appropriate use solutions and process automation tools, and manage the life cycle of identities and associated access rights.

Build and lead a 24x7 team of experienced cyber threat analysts to monitor and analyze security events by leveraging state-of-the-art automation and manual threat hunting techniques with the goal of predicting and detecting information security incidents, and to tune and update automated threat detection solutions with newly available threat indicators/IOCs and detection rules.

Build and lead a team of security threat management solution designers and developers to envision, design, build, and implement automated threat detection and blocking solutions using behavior-based and indicator-based detection, machine learning-powered artificial intelligence, big data analytics and visualization, automated adversary deception, real-time forensics, and other leading technologies.

Build and lead a team of experienced risk event analysts to monitor and analyze appropriate use events by leveraging state-of-the-art automation with the goal of predicting, detecting and stopping appropriate use standard violations.

Build and lead a 24x7 team of senior incident response engineers and forensic investigators to contain, investigate, mitigate and recover from information security incidents and appropriate use risk events, to produce threat indicators/IOCs and share them within and across industries, and to conduct courtroom-quality forensic investigations in support of IT, HR, Legal, Compliance and other stakeholders.

Build and lead a team of cyber intelligence analysts to develop a formal threat modelling methodology, apply the methodology to create and update the organization's threat profile, gather and analyze human-focused threat intelligence from commercial and public sources, and produce and disseminate intelligence reports to business leaders and risk management SMEs.

Collaborate closely with the leader of the Cyber Risk Solutions organization to form and lead a team of senior technology DR/continuity experts to monitor, predict and identify technology continuity risk events, to oversee, orchestrate, and manage the execution of technology recovery plans during risk events, and to ensure that appropriate functionality of technology solutions is restored in accordance with business requirements.

QUALIFICATIONS

At least 3 to 7 years of senior leadership experience in the information security discipline in Fortune 100 size organizations.

Exceptional written, visual and verbal communication skills and experience communicating effectively with executive business leaders and external customers.

Proven track record of identifying, hiring and retaining the top talent in cyber security, survivable system engineering, and IT risk management resource markets.

Experience in designing, building and managing global mission-critical 24x7 organizations that use a variety of staff sourcing models (co-sourcing, offshoring, etc.).

Experience in staffing, mentoring, coaching, and managing leadership teams consisting of multiple directors and senior managers.

Demonstrated track record of successfully developing and maturing cyber risk organizations with the emphasis on delivering results.

Deep understanding of and prior hands-on experience in all major information security, appropriate use, and survivable system engineering functions and activities including policy setting, vulnerability/risk research, security/availability architecture, system security/survivability engineering, incident response, cyber risk operations, and cyber risk audit/compliance.

Track record of successfully executing profound organizational changes while maintaining support, buy-in and commitment from all stakeholders.

Complete architecture-level understanding of all major information security and appropriate use enforcement technology solutions including advanced malware detection/prevention, mobile device virtualization/MDM, cloud security management, structured and unstructured database encryption, mobile application and remote API security, fine-grained application authorization and access control, security event visualization, big data user and entity behavior analytics, active adversary deception, and others.

Deep understanding of all applicable regulatory standards and requirements including HIPAA, NAIC ORSA, FISMA, NAIC MAR, and others.

Demonstrated ability to influence business leadership and cross-functional teams.

Proven track record of managing all aspects (scope, budget, schedule, quality) of cross-functional large-scale IT/business projects in Fortune 100 scale global environments.

Externally recognized information security and IT risk management industry thought leadership and innovation accomplishments.

Strong skills and experience in designing and documenting complex processes, and identifying and eliminating deficiencies in existing process designs.

Understanding of contemporary security vulnerabilities, exploitation techniques and attack vectors.

Demonstrated ability to establish and maintain strong working relationships with external customers, suppliers, business partners, and industry peers.

A widely-recognized professional certification such as CISM or CISSP is strongly preferred.

Company Info
Request Technology - Robyn Honquest