Information Security Lead - Cyber Security and Operations

Sidley Austin, Chicago, IL
$140,000 - $180,000, Hybrid

About The Position

The Information Security Lead for the Cyber Security & Operations function is responsible for providing continuous threat monitoring and incident response services. This individual is responsible for monitoring, developing, and maintaining the tools, technologies, and processes that enable the organization to detect and prevent computer security threats. The Senior Information Security Lead acts as a subject matter expert and works with cross-functional teams as required to perform incident investigations and response activities. This individual participates in the Information Security Operations Center which provides timely investigation and response to potential IT incidents through the continuous monitoring and tracking of security events.

Requirements

  • Bachelor’s degree or equivalent combination of education and/or experience
  • Minimum of 7 years of experience in an Information Security role with at least two years in an incident response, threat analysis, or a security operation center role.
  • Relevant knowledge and experience in two or more of the following areas: incident response, threat analysis, malware response, security operations, network security/next generation firewalls, proxy configuration and management
  • Demonstrated experience in threat detection technologies including two or more of the following: network or host intrusion prevention/detection systems (IPS/IDS), Endpoint Protection, Security Incident Event Management (SIEM), data loss prevention (DLP), Cloud Access Security Broker (CASB), Next-Gen Firewall (NGFW), or Multifactor-Authentication platforms (MFA)
  • Demonstrated ability to analyze security events, perform initial triage, and determine appropriate next steps
  • Demonstrated experience in security projects development, security vendor or services management, and request for proposal processes and procedures
  • Strong organizational skills
  • Strong attention to detail
  • Good judgment
  • Strong interpersonal communication skills
  • Strong analytical and problem-solving skills
  • Able to work harmoniously and effectively with others
  • Able to preserve confidentiality and exercise discretion
  • Able to work under pressure
  • Able to manage multiple projects with competing deadlines and priorities

Nice To Haves

  • Bachelor’s degree
  • Certified Information Systems Security Professional (CISSP) or equivalent is preferred
  • One or more of the following technical certifications is preferred: GIAC Certified Incident Handler (GCIH), GIAC Certified Forensics Analyst (GCFA), GIAC Reverse Engineering Malware (GREM), or EC-Council Certified Security Analyst

Responsibilities

  • Provide primary support for the network security solutions, including next generation firewalls, web proxies, Cloud Access Security Broker (CASB) technologies and other network security technologies
  • Participate in and lead troubleshooting and resolution efforts for a wide range of security and network related issues
  • Review and triage information security alerts, provide analysis, determine and track remediation, and escalate as appropriate
  • Proactively identify and assess security risks and work in an advisory capacity for technical teams on mitigation strategies
  • Participate as a member of the Information Security Operations Team (SecOps) by responding to information security incidents according to the Incident Response Plan
  • Help build skillset of less experienced security personnel through knowledge transfer and mentoring
  • Perform review of scheduled information security reports to identify abnormal or potentially suspicious activity within the environment
  • Maintain the operational integrity of the Security Operations Center (SOC) through monitoring and periodic testing of critical tools and processes
  • Develop working relationships with cross-functional teams from Information Technology, Physical Security, Human Resources, Marketing, Privacy, Legal, and third-party vendors to effectively respond to security incidents
  • Document information security incident reports to capture relevant details including approach, root cause, lessons learned, and process improvements
  • Contribute to the advancement of the security monitoring program through thought leadership and guidance on tools, technologies, and processes that provide automated and proactive detection and prevention
  • Develop and improve process/procedure manuals and documentation related to incident response, threat intelligence, threat detection, and analysis of vulnerabilities
  • Propose and generate metrics with emphasis on Security Operation Center (SOC) Key Performance Indicators (KPI)
  • Provide secondary support for the log management and Security Information and Event Monitoring (SIEM) solutions, Multifactor Authentication platform (MFA), Privileged Access Management platform (PAM), and vulnerability management tools

Benefits

  • Bonus eligibility
  • Comprehensive benefits program