Advanced Defensive Architecture, MD

About The Position

Requirements

• 15 years or more experience leading Security Architecture, Advanced Threat Hunting, analytic, or investigative teams with at least 5 years of cyber security related leadership experience preferred; or 5 years in managing cross-disciplinary cyber threat and/or forensic teams.
• Proven ability to successfully drive and develop teams that work remotely and across multiple geographic time zones.
• Experience in taking Threat Hunting related requirements and turning them into final products or presentations on time and on point.
• Experience in developing strategies for cross-functional detection and elimination of fraudulent behavior.
• Ability to perform forensics to validate security findings and experience using EDR or open source forensic tools
• Experience with SIEM and Network Security Monitoring tools
• Oversee the production of investigative reports and analysis that pertinent to evidence obtained during investigations
• Strong knowledge of cyber security threat actors particularly their tactics, techniques, procedures, tradecraft, and noteworthy attacks.
• Exceptional communications skills (oral and written) with a history of successfully engaging with groups such as Boards of Directors, executive management teams, and senior business leaders both internally and externally.
• Understanding of technology systems such as networks, applications, servers, cloud, authentication, and emerging technologies.
• Must be a self-starter, self-motivated, and able to work independently with little oversight while managing a large, globally distributed team.
• Able to develop and operate within a set financial budget.

Nice To Haves

• Bachelors Degree and/or Certifications in computer forensics, information security, and similar preferred.
• Experience working with information security teams such as fusion centers, security operations centers, vulnerability assessment, vulnerability threat management, security incident management, cyber “hunt,” and big data analysis.
• Managed or worked closely with public and private sector law enforcement agencies and external audit organizations with a strong understanding of their roles, responsibilities, and capabilities.

Responsibilities

• Driving the vision, strategy, and mission accomplishment of the entire Advanced Defensive Architecture organization.
• Assist with the selection, implementation, and usage enhancement of advanced monitoring tools
• Lead the research and implementation of techniques for threat detection and response both in a cloud and on-prem environment.
• Use automation to improve detection and response times and mitigation
• Respond to threats in real time, through diagnosis, communication, and remediation
• Oversee the management of response efforts against relevant or newly identified IOCs and guide research of new TTPs from public and internal reporting
• Coordinate defense in depth protections with third-party providers for threat intelligence, threat analysis, and threat remediation
• Build on and improve logging and monitoring infrastructure in collaboration with Infrastructure Security, Engineering, and Operations teams
• Actively engaging in liaison activities with the cyber threat community to include industry associations, peer financial institutions, and information sharing communities.
• Closely coordinating and supporting other State Street information security teams such as the Cyber Security Fusion Centers, Security Operations Centers, Vulnerability Assessment, Investigations, Cyber “Hunt” Teams, Big Data Analysis, Crisis Management, and Exercises.
• Working under tight deadlines to handle multiple/detail oriented tasks.
• Briefing State Street’s executive management team, senior leaders, and information security professionals on cyber threat trends, emerging challenges and relevant insights to State Street businesses.
• Developing and maintaining Advanced Cyber Threat & Forensic related policies, procedures, standards, and guidelines.
• Engaging with audit, compliance, and regulatory bodies globally.
• Leading information and threat hunt initiatives with peers, governments, and sharing organizations world-wide.
• Developing Advanced Defensive Architecture quality metrics.
• Reduce State Street security risks by leveraging controls and minimizing weaknesses
• Act as point of contact to executive leadership for dimensioning, managing and driving remediation of information security risks
• Recommend changes in security policies and practices in accordance with changes in local or federal law

Benefits

• Employees are eligible to participate in State Street’s comprehensive benefits program, which includes: our retirement savings plan (401K) with company match; insurance coverage including basic life, medical, dental, vision, long-term disability, and other optional additional coverages; paid-time off including vacation, sick leave, short term disability, and family care responsibilities; access to our Employee Assistance Program; incentive compensation including eligibility for annual performance-based awards (excluding certain sales roles subject to sales incentive plans); and, eligibility for certain tax advantaged savings plans.