About Mars, Incorporated
Mars is a family-owned business with more than a century of history making diverse products and offering services for people and the pets people love. With almost $35 billion in sales, the company is a global business that produces some of the world's best-loved brands: M&M's®, SNICKERS®, TWIX®, MILKY WAY®, DOVE®, PEDIGREE®, ROYAL CANIN®, WHISKAS®, EXTRA®, ORBIT®, 5™, SKITTLES®, UNCLE BEN'S®, MARS DRINKS and COCOAVIA®. Mars also provides veterinary health services that include BANFIELD® Pet Hospitals, Blue Pearl®, VCA® and Pet Partners™. Headquartered in McLean, VA, Mars operates in more than 80 countries. The Mars Five Principles – Quality, Responsibility, Mutuality, Efficiency and Freedom – inspire its more than 100,000 Associates to create value for all its partners and deliver growth they are proud of every day.
***Role can sit in Chicago, IL or Mt. Olive, NJ***
Cyber Defense consists of a global set of services including Incident Response, Threat Hunting, and Forensics. The Cyber Analytics Senior Lead is a key member of the Cyber Defense team that will develop and own the strategy for Cyber data analytics which identifies controls improvements and outcomes that ultimately provides risk reduction for Mars. The position will lead development of data analytics applications and dashboards, including the onboarding of data sources. This position generates insight to Cyber Defense and other Information Security leaders. This position reports to the Cyber Defense senior manager.
- Own the data analytics strategy and roadmap for Cyber Defense.
- Lead development of advanced techniques for security analysis including anomaly, intrusion detection, and behavior analytics for Cyber Defense.
- Provide insight to Cyber Defense senior manager and Information Security leadership as the program continues to adopt a data-driven, intelligence-based approach.
- Analyze data to identify stories that improve prevention, detection, and response controls providing risk reduction to the organization.
- Work with Cyber Defense service leads and Service Manager to create dashboards for use by incident response, threat hunting, and operational teams.
- Identify, evaluate, and recommend platforms and applications that efficiently and effectively enable Cyber Defense data analytics needs. Develop enhancement requests for existing platforms.
- Partner with Cyber Defense leads to define and manage the process to onboard data sources and systems into our security analytics portfolio. Data onboarding activities are delivered through our Information Security data platform team.
- Leverage data sources outside of Cyber Defense's direct control to generate new holistic insights by collaborating with partners and Information Security team members.
- Operate as Cyber Defense data subject matter expert and architect for team's data needs.
- Supports advanced incident response and threat hunting data needs.
Context and Scope:
- Leverages technical expertise in cyber data analytics and security technologies.
- Develops internal relationships with Cyber Defense team, Cybersecurity Engineering and other business stakeholders.
- Functionally coach associates and guide third party teams on the use of data.
- Up to 25% travel, with some opportunities for global travel.
Education & Professional Qualification:
- University degree (engineering/IT/computer science) or equivalent work experience.
- CISSP certification preferred.
- Splunk Core Certified Power User certification preferred.
- 7+ years work experience in IT cyber security or related information technology areas.
- 3+ years Splunk or similar data analytics platform usage and management.
- 2+ years experience of data analysis for anomaly, intrusion detection, social and behavioral analysis, etc.
- Experience with writing advanced Splunk SPL queries and dashboards.
- Experience with Python or R and the use of regular expressions.
- Understanding of networking fundamentals (TCP/IP, Network Layers, etc.) preferred.
- Understanding of cloud platforms preferred.
- Understanding of factory/ICS platforms preferred.
- Ability to work both individually and as part of a team.
- Strong technical writing and speaking skills.
- Activity and project management skills preferred.