Lead, Security Detection & Response Team

About The Position

Requirements

• Prior experience handling cyber security incidents, preferably at multiple companies and working with Managed Security Service Providers (MSSP).
• Confident and familiar working investigations (without assistance) in a modern SIEM such as Splunk, Sumologic, or DataDog.
• Hands-on approach to technology: dig in to understand and mold the technology to your needs.
• Familiarity with a coding language such as python, javascript, rust, or go will be beneficial.
• Proven track record of successful collaboration with internal and external partner organizations to deliver high-quality outcomes.
• Worked with and understand SaaS platforms and how to appropriately defend SaaS platforms from cyber attacks.
• Close familiarity with using public cloud services to provision SaaS/PaaS to external customers.
• Strong understanding of modern corporate networks (SD-Wan, service-based remote access, device trust, and endpoint machine identity).
• Experience investigating and countering modern adversary tactics, techniques, and procedures in an incident response setting.
• 5+ years of work experience in security engineering, incident response, threat intelligence, or cloud infrastructure security.
• Self starter that can work independently and collaboratively across multiple workstreams without technical program management support.
• Takes a data centric, objective approach to decision making and has the ability to put aside personal preferences, historical bias, peer pressure and political influences to arrive at decisions on a reasoned, objectively-defensible basis.
• Strong presence; good communicator and highly influential both externally as well as internally at the executive level and across the organization.
• Highly collaborative, team player with a company-first mentality; ability to influence, prioritize, and get alignment cross-functionally.
• Flexible, nimble, and scrappy; startup mentality and willingness/ability to change direction quickly if best for the business.
• A positive, energetic, can-do attitude.
• High EQ, hungry to succeed, achievement orientation, self-motivation.
• Highly confident, yet humble and self-aware.
• Entrepreneurial DNA; not afraid to take calculated risks, brings a mentality of rapid innovation and the desire to attain big goals.
• Creative problem solving skills as well as the ability to ignite the creativity of others.
• High integrity, principles, and ethics.

Nice To Haves

• Personally enjoy contributing to the security community and driving our industry to do better.

Responsibilities

• Execute the daily operations of the CyberSecurity Detection & Response function through leveraging an external Managed Security Services Provider (MSSP) and internal IT & Security engineering resources.
• Leverage the data collected as part of the Detection & Response program to identify and prioritize control gaps, process gaps, and training gaps in our Cyber Security posture.
• Through collaboration with IT, Security, and Product engineering teams, you’ll see those gaps closed and incident reoccurrence rates reduced.
• Work with internal and external partners to monitor cybersecurity threats and integrate the intelligence into our Detection & Response program.
• Leverage the trends you identify, and intelligence collected about the applicable threat space to influence our security roadmaps.
• Raise the maturity level of our cybersecurity operational functions in the response, intelligence, detection engineering, and offensive security domains.
• Run training programs to properly equip embedded responders within business and technical teams to quickly and effectively respond to security incidents.
• Aggressively introduce automation to eliminate manual processes within the Detection & Response function.
• Mentor incident response team members to continuously mature and refine our capabilities.

Benefits

• medical insurance
• dental insurance
• vision insurance
• 401(k) retirement plan
• life insurance
• long-term disability insurance
• short-term disability insurance
• flexible paid time off
• 12 weeks of paid parental leave
• national holidays paid