Director, Cyber Threat Detection and Incident Response
Salary: Open + Bonus
Location: 100% Remote
*We are unable to provide sponsorship for this role*
A prestigious Fortune 500 company is seeking a Security Director who will manage a team of 8 over Threat Detection and Incident Response coming out of a large environment
7+ years of experience defending heterogenous enterprise environments. Red teaming or other offence-oriented experience a plus.
Experience with one or more of the following: cyber threat intelligence, threat hunting, detection content development, security data management, applied machine learning, cyber risk event triage and analysis, security incident response.
Demonstrated skill in developing and presenting on technical concepts to non-technical audiences, including project and product managers and non-technical leadership.
Experience in authoring, reviewing, and presenting technical and process documentation including requirements, architecture diagrams and sequence/flow diagrams.
Hands-on experience in development, implementation, roll-out and operations of threat management solutions.
Knowledge of professional software engineering practices and best practices for the full software development and technology management life cycle, including coding standards, code reviews, source control management, build processes, testing, and operations; Agile or Scaled Agile Framework (SAFe) a plus.
Previous experience with a major cloud platform, such as AWS or Azure
Bachelor's degree in Cyber Security, Computer Science, Information Systems or equivalent work experience in the IT field
Lead the evolution of a best-in-class security threat management program, incorporating cutting edge techniques in automation, machine learning, and distributed threat protection to broaden, deepen, and sharpen out capabilities to rapidly identify and eradicate cyber security threats.
Collaborate with cross-functional stakeholders from legal, corporate communications, privacy, compliance, facilities, and business continuity planning to mature enterprise end-to-end incident response plans and develop targeted playbooks to address emergent threats to the business.
Partner with architecture, infrastructure, cloud, and application development teams to establish and maintain comprehensive visibility into potential risk events across a hybrid cloud environment.
Sustain an agile, threat intelligence-driven continuous improvement process that leverages micro-purple testing techniques, hypothesis-based threat hunting, and the MITRE ATT&CK framework to identify and prioritize development of missing or ineffective telemetry, detection capabilities, and response playbooks required to detect, prevent, and respond to cyber risk events originating from threat actors
Define the strategy for cyber threat management, including the maintenance of the roadmap of technology and process architectures that document the target and working states of cyber risk event management services and a multi-year plan to close gaps against the target state while keeping current with changes to technology and threat landscapes.