Senior Director Lead Cyber Defense & Response

Ally FinancialCharlotte, NC
285dOnsite
Match Resume

About The Position

The Senior Director Lead, Cyber Defense & Response at Ally is part of the Executive Leadership for Information Protection and Risk Management. The Senior Director Lead will drive the established approach to the management of security risks at Ally while partnering with other members of the Senior Leadership team. Responsible for overseeing the management of technical security staff and ensuring IPRM People Managers are delivering upon overall objectives. In this role you will provide industry-leading Security Operations Center, Incident Response, Cyber Threat Intelligence, Threat Emulation and Offensive Security services. You will help Ally continuously detect and respond to threats and help reduce the overall impact of business risk before, during, and after an incident. You will be able to resolve security incidents quickly and at scale with complete end-to-end incident response including monitoring, detection, investigation, containment, remediation, and partnering with our lines of business partners, support teams and crisis management function. You will work on engagements navigating incidents, performing forensic analysis, threat hunting, and malware triage. Experience with threat intelligence, machine intelligence, and security objectives and controls validation will be instrumental in helping defend against today's advanced threats.

Requirements

  • Bachelor's degree in information systems or relevant field of study or equivalent experience
  • 12+ years of Technology experience with at least 7 years of focus in Information Security
  • 3+ years of Security Operations Center and Incident Response experience
  • CISSP, CISM, CISA, CRISC certification(s) preferred
  • Experience with and strong working knowledge of Threat Intelligence, Cloud Security, Offensive Security and Threat Emulation disciplines and services
  • Strong working knowledge of current cyber security threats and techniques, as well as a dedicated and self-driven desire to help research and assist in the selection of cyber security products
  • Proven track record managing experienced staff in the implementation of the Information Security strategy
  • Expert knowledge in the identification, plan for resolution, and execution of action plans for complex problems in a regulated environment
  • Strong leadership skills and the ability to work effectively with business managers, Technology engineering, and Technology operations staff
  • A strong understanding of operating system internals and network protocols
  • Familiarity with the principles of cryptography and cryptanalysis
  • Experience working with legal, audit, and compliance staff
  • Familiarity with NIST, ISO, CIS, COBIT and other key security frameworks
  • Familiarity with FFIEC and FDIC regulations
  • Familiarity with GLBA, HIPAA, SOX and PCI security requirements and expectations
  • Comfortable handling high level strategy and implementation details
  • Excellent problem-solving and troubleshooting skills with a strong attention to detail
  • Solid understanding of information security requirements and auditing processes
  • Ability to develop and maintain standards, policies and procedures and to maintain effective working relations
  • Strong leadership, analytical, planning, and resource management skills
  • Excellent verbal & written communication, including interaction with internal engineering and business teams as well as the development of Executive level presentations
  • Constant process improvement thinking to identify automation opportunities, reduce delivery time and increase customer satisfaction
  • Ability to work independently with minimal supervision, with an ability to make independent decisions when appropriate
  • Willing to work after-hours and weekends when security issues arise which require immediate resolution
  • Strong administrative, coordination and interpersonal skills with the ability to motivate and lead people, and help them develop as cyber security professionals
  • Strong experience showing the ability to effectively lead and manage local and remote teams, both direct and matrixed
  • Solid project management skills and familiarity with Agile methodologies such as Scrum and Kanban

Responsibilities

  • Drive the established approach to the management of security risks at Ally while partnering with other members of the Senior Leadership team
  • Lead a 24x7 team of Managers, Principal and Analysts in response, incident management, cyber threat intelligence, red team, and detection engineering roles
  • Focus on delivering commitments aligned to enterprise cyber security priorities
  • Build support for implementing security strategies with peer business and technology leaders
  • Set vision for maturing the cyber security defense and response organization, guide development of actionable roadmaps and plans, and ensure execution of those plans
  • Implement risk management practices in line with enterprise policies and practices
  • Set technology platform vision, encourage security response innovation, and lead implementation of projects
  • Interface with external agencies or industry forums to exchange cyber threat intelligence information
  • Manage allocation of people and financial resources
  • Develop strategies for hiring and retaining top cyber security response talent
  • Guide a culture of talent development as a force-multiplier
  • Effectively build, mature and lead cross-functional teams that support major security initiatives
  • Develop and implement Roadmaps to define short and long-term strategies as well as activity, funding and resource requirements
  • Identify, select and manage related security technologies and vendors to ensure that service delivery and support meet performance and business objectives
  • Continuously evaluate and assess current and future security needs of the organization and make recommendations and business case requests to substantiate changes
  • Develop and maintain project scopes, timelines and budgets, through internal team and business partners
  • Understand and adhere to the regulatory and compliance requirements that impact either current business operations or potential customer engagements
  • Think in an innovative and creative way to assist in the growth of our business by providing timely and flexible security solutions
  • Manage customer communications as they relate to security initiatives and share actionable information with organizational leadership to assist with and facilitate informed decision-making

Benefits

  • 11 paid holidays
  • 20 paid time off days
  • 8 hours of volunteer time off, yearly
  • 401K retirement savings plan with matching and company contributions
  • Student loan pay downs and 529 educational save up assistance programs
  • Tuition reimbursement
  • Employee stock purchase plan
  • Flexible health and insurance options including medical, dental and vision
  • Employee, spouse and child life insurance
  • Short- and long-term disability
  • Pre-tax Health Savings Account with employer contributions
  • Healthcare FSA
  • Critical illness, accident & hospital indemnity insurance
  • Total well-being program
  • Adoption, surrogacy and fertility assistance
  • Paid parental and caregiver leave
  • Dependent Day Care FSA
  • Back-up child and adult/elder care days
  • Childcare discounts
  • Mentally Fit Employee Assistance Program
  • Subsidized and discounted Weight Watchers® program
  • Travel allowances, relocation assistance, a signing bonus and/or equity may be available depending on the role

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume

What This Job Offers

Job Type

Full-time

Career Level

Senior

Industry

Credit Intermediation and Related Activities

Education Level

Bachelor's degree

Job Search Resources

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service