Manager 3, Security and Risk Operations

What you'll bring

• Proven track record of building scalable organizations that have world class threat detection capabilities
• Experience managing both in-house and out-sourced detection teams
• Technical proficiency performing security investigations at scale; including endpoint, cloud, identity, network, and email threats
• Practical experience with Detection & Response tools for network, endpoints, cloud, and identity as well as SOAR platforms
• Hands-on experience with SIEM and Data Lake solutions (e.g., Splunk, Snowflake, S3)
• Expertise with query languages (SQL, SPL, BigQuery)
• Strong fundamentals of Linux, MacOS, and Windows operating system internals
• Deep understanding of attacker techniques, tools and procedures
• Understanding of cloud environments such as AWS, GCP, and/or Azure
• Proficiency creating and managing operational metrics that increase team efficiency and quality
• Experience working with security frameworks like MITRE ATT&CK or Lockheed Martin’s Cyber Kill Chain; ability to track and discuss an attack through the cyber killchain
• Ability to manage effective relationships with organizational leaders, build a roadmap, and drive broad initiatives to completion
• Enthusiastic about managing and mentoring individuals pursuing careers in security operations and incident response.

Preferred Skills

• Admin or Architect level knowledge of a SIEM (Splunk, Azure Sentinel, QRadar, etc)
• In-depth knowledge of security standard processes in large-scale environments
• Ability to navigate hard conversations and disseminate information to team members.
• Willingness and ability to accept responsibility and provide guidance to team members
• Effective organizational and planning skills, with the ability to successfully guide projects through to completion
• Experience with software development or security automation highly preferred
• CISSP or CISM certification preferred
• Hand on experience with AWS Cloud (AWS Solutions Architect level of knowledge)

Required Education / Experience

• BA/BS degree or higher in Computer Science, Cybersecurity or equivalent work experience
• 5+ years’ industry experience in Incident Response or Security Operations activities
• 3+ years leadership experience in a SOC or similar role

How you will lead

• Define detection operations strategy, roadmap, and objectives
• Participate in Cyber Incident Response Team (CIRT) rotation that may involve non-traditional working hours