Cyber Security Manager - Cyber Operations

Equifax   •  

Montgomery, AL

Industry: Technology

  •  

5 - 7 years

Posted 38 days ago

Who is Equifax?

Equifax is a global information solutions company that uses trusted unique data, creative analytics, technology and industry expertise to power organizations and individuals around the world by transforming knowledge into insights that help make more informed business and personal decisions.

Regardless of location or role, the individual and collective work of our people makes a difference in our business.

We are looking for individuals who can help us disrupt the marketplace. You will do this by delivering leading-edge technology to build and deliver unparalleled customized insights that enrich both the performance of businesses and the lives of consumers.

We will give you the opportunity to drive innovation and automation across the enterprise. This will include tool and process integrations across all business units within Equifax globally.

Your Responsibilities:

  • You will report to the Head of Detection and Response in Cyber Operations and lead and manage a team of security talented security engineers (5-12)
  • You will be responsible for managing and growing this team over next 1-3 years (both in talent and strength) as Equifax continues to make strategic investment in cybersecurity.
  • Drive creation and implementation of countermeasures (e.g. IPS signatures, DLP rules, WAF signatures, etc.) for protecting Equifax information assets
  • You will engage teams for timely deployment of countermeasures against zero day exploitation
  • Drive creation and implementation of custom alerting rules, searches, and dashboards in SEIM for review and investigations
  • Work closely with incident response, SOC, cyber intelligence teams daily
  • Ensure network and endpoint visibility is maintained, globally
  • Help review proposed firewall, proxy, and other networkinfrastructure changes in order to determine the most restrictive rules, while still fulfilling the needs of the business
  • Use sound IT knowledge to identify/respond to common attacks through common vectors and methods with support from senior team members as needed
  • Gather structured data for the purposes of metrics and reports
  • Implementation of technical responses to identified Indicators of interest in security tools related to cyber-attacks to aid in blocking or alerting on future activity.
  • Describe and document system functionality, problem areas, and feature gaps in new and existing analytical tools
  • Help in planning and budgeting process
  • Actively attempt to enrich team value by sharing knowledge
  • Available to solve and address securityevents of interest or incidents on as needed / on-call basis
  • Work with global security officers to client and regulatory audits as needed

Required Technical Skills: (Minimum 6 required):

  • Solid experience and knowledge of tools used for networksecurity (DLP, NIPS, WAF, HIPS, AV, Firewalls, etc.)
  • Experience in SIEM and automation tools such as Splunk and Phantom
  • Experience in signature development (IPS, Yara, A/V, WAF, etc.)
  • Experience with open source tools (Security Onion, Moloch, Elastic Search, etc.)
  • Solid understanding of *nix and Windows operating system functionality
  • Scripting and coding experience (bash, PowerShell, python, etc.)
  • Superb analytical, documentation, and communication skills a requirement
  • Experience developing and proposing technical solutions for complex problems
  • Experience in in-depth evaluation of disparate data sources (trends and reporting)
  • Experience in use case development in support of security monitoring processes

Education & Other Requirements:

  • B.S. Computer Science/Engineering or similar technical degree program Or equivalent experience in cybersecurity
  • 5+ years of experience in operational security and incident response,
  • 2+ years of experience in one or more of the following areas- SIEM, EDR, analytics and/or automation
  • Relevant security certifications a plus (such as: CISSP, GCIA, GCIH, GREM, CEH, others)
  • Experience deploying or supporting enterprise logging infrastructure is a plus

The Perks of being an Equifax Employee?

We offer an excellent compensation packages with high-reaching market salaries and 401k matching, along with the works: comprehensive healthcare packages, schedule flexibility, work from home opportunities, paid time off, and organizational growth potential.

This position sits in our Alpharetta location, which includes a state of the art gym, onsite dry cleaning services, onsite café, food trucks Monday through Thursday, and several excellent restaurants nearby in case you want to explore the area.

We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.

To speak to us about this role in more detail apply online.

#LI-SH2