Cyber Command Center Lead - SOC

Location: Dallas, TX
Date Posted: 12-28-2018
Job Description
 
The charter of the Information Security Office (ISO) is to partner with our business units, other corporate support functions, and user community to protect the corporate brand, data and assets. The ISO is responsible for the design, implementation and maintenance of an information security framework, policies and processes that protect the business, services, information and systems against unauthorized use, disclosure, modification, damage and loss.

Your core priorities will be to:
Individuals within the Information Security Office plan, execute, and manage multi-faceted cyber security projects to detect, prevent and respond to threats affecting the company. The individual should have a defender's mindset and be able to operate in a fast-paced global environment, working closely with our infrastructure team, which includes the Network, Server, Endpoint and Application teams.
The individual will lead the execution of security procedures such as security breach escalation procedures, the incident response plan and exercises, metrics, response playbooks, security assessment procedures, the use of firewalls and encryption routines, and the customization of threat feeds; work with the security operations center; monitor and analyze threats and vulnerabilities; and deploy solutions to protect the network, email and endpoint devices.
 
This individual will work directly with customers, third parties and other internal departments and organizations to facilitate incident response activities and to identify vulnerable areas. The individual will also communicate with and educate IT and the business about security policies and industry standards, and provide solutions for enterprise/business security issues.
 
Oversees the planning, execution, and management of Cyber Command Center operations:
  • Continuously matures security operations to proactively monitor for threats targeting the enterprise and builds solutions to counter and respond to them
  • Drives innovation to sustain and automate cyber operations by designing solutions and working with the cyber engineering team
  • Develops and manages security for multiple IT functional areas (e.g., applications, systems, network and/or Web) across the enterprise
  • Serves as a subject matter expert (SME) for performing security and threat assessments
  • Develops security solutions for critical and/or highly complex assignments
  • Leads multiple projects or programs
  • Takes ownership of leading and managing cyber security incidents, collaborating with all parties involved across the enterprise, communicating clearly, driving incidents to completion and reporting regularly to stakeholders
  • Manages a team of individuals and vendors supporting the Cyber Command Center, which is built to protect data across the ABC enterprise
  • Manages a global team that provides 24x7 cyber security operations
  • Monitors networks for signs of adversarial activity as a key member of the Cybersecurity Command Center
  • Customizes intelligence feeds to suit the ABC organization
  • Recognizes potential, successful, and unsuccessful intrusion attempts and compromises through review and analysis of relevant event intelligence and summary information
  • Detects the full spectrum of known cyber-attacks (e.g., DDoS, malware, phishing, ransomware and others) along with any security and compliance violations
  • Provides Tier III technical expertise on post-event security intelligence and trend analysis
  • Guides, matures and works with the security operations team to maintain a state-of-the-art cyber command center
  • Responds to alerts from various systems and platforms to address potentially malicious events in a timely manner
  • Independently leads computer incident investigations, determining the cause of the security incident and preserving evidence for potential legal action
  • Routinely develops and updates incident response playbooks to ensure response activities align with best practices, minimize gaps in response and provide comprehensive mitigation of threats
  • Provides other services as a key member of the Cybersecurity team:
      • Security review of changes to networks, servers and endpoint devices in collaboration with infrastructure operations
      • Security review of encryption policies, sensor policies for IDS/IPS, firewalls, web security gateway and logging
      • Investigations and forensics
  • Proposes additional components and techniques that could be used to proactively detect and prevent malicious activity
  • Manages the day-to-day relationship with security and infrastructure services partners
  • Conducts research on emerging security threats
  • Develops remediation strategies and risk responses associated with the protection of infrastructure and information assets
  • Mentors less-experienced team members


KNOWLEDGE, SKILLS & ABILITIES REQUIRED 
To perform this job successfully, the applicant must be able to perform each essential duty. The requirements listed below are representative of the minimal qualifications required.   
  • Bachelor's Degree in Computer Science, Information Systems or other related field, or equivalent work experience. Typically requires 7-8 years of combined IT and security work experience with a broad range of exposure to systems analysis, application development and systems administration, and over 4 years' experience designing and deploying cyber security solutions for operations at the enterprise level.
  • Requires security certification(s), e.g., Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), CEH or other equivalent recognized security certifications.
  • Exceptional oral and written skills with great attitude to help, learn and grow.
  • Experience applying structured analytical methodologies to threat monitoring and intelligence analysis, e.g. Cyber Kill Chain
  • Experience with Network protocols and packet analysis tools
  • Must know SSL/TLS, HTTP, DNS, SMTP, IPsec, PKI, proxies, TCP/IP, VM, Wireless, VPN
  • Solid understanding of cloud based critical infrastructure systems security threats
  • Deep experience with cyber security in the domains of cyber threat intelligence and analysis, security monitoring and Incident Response
  • Familiarity with latest security vulnerabilities, advisories, incidents, penetration techniques, attack vectors, and countermeasures.
  • Demonstrated sound understanding of at least 3 of the following standards: ISO 27001/27002, COBIT, ITIL, NIST, HIPAA, SOX and PCI
  • Ability to lead and provide direction to project teams
  • Strong consultative skills; ability to interface effectively with technical and non-technical leaders.
  • Understands Information Security as it relates to the business and other areas of IT; understands direct impacts and risks.


BENEFITS
We offer competitive total rewards compensation. Our commitment to our associates includes benefit programs that are comprehensive, diverse and designed to meet the various needs across our associate population.
  • Healthcare for associates and eligible dependents, same-sex and domestic partners
  • Paid time off, including vacations and holidays
  • Paid volunteer time off
  • Life insurance and disability protection
  • Pet insurance
  • Employee Stock Purchase Program
  • Retirement benefits and more…
Throughout our global footprint and various business units, we take a balanced approach to the benefits we offer. Many benefits are company-paid, while others are available through associate contributions. Specific benefit offerings may vary by location, position and/or business unit.
 