Manager Forensics and Cyber Threat Investigations

Sabre

Southlake, TX

Industry: Professional, Scientific & Technical Services

8 - 10 years

Posted 90 days ago

This job is no longer available.

Job Description

The Manager of Forensics and Cyber Threat Investigations is responsible for overseeing, coordinating and managing the investigation and analysis of cyber security incidents, breaches, client-related fraud activity and cyber threats. Reporting to Sabre’s Director of Cyber Threat Management, the incumbent will assist in driving investigatory case resolution and the development of proactive offensive countermeasures and active defense. The Manager provides specialized support by searching, retrieving, gathering, handling, examining, analyzing, identifying and/or comparing digital and/or physical evidence, observes proper evidence custody and control procedures, documents findings, and prepares comprehensive written case notes and reports. This leadership role will also lead Sabre’s cyber forensics programs associated with computer, network and malware forensic investigations.

The Manager of Forensics and Cyber Threat Investigations requires an investigations-focused mindset along with research and analysis competences, and the ability to proactively work with others across the Enterprise to develop processes for evidence retrieval, threat hunting and defining patterns associated with User Behavior Analytics. The ability to proactively and diplomatically interact with clients when investigating fraudulent or other unauthorized activities is required.

Key Responsibilities

1. Lead and manage a team responsible for conducting highly sensitive, complex investigations into cyber incidents, systems compromise, data loss, and other types of matters.

2. Help to establish the tools, processes, techniques and operations associated with user behavior analytics and active defense.

3. Conduct risk-based analysis of activity across the enterprise, including applications and systems utilized by Sabre clients, to identify anomalies and indicators of compromise.

4. In conjunction with other members of the Cyber Threat Management team, develop incident response action plans to respond to alerts, events and incidents.

5. Provide and lead forensic support for major incidents requiring forensic investigation and evidence gathering. Develop, enhance and oversee the computer and cyber forensics program and staff assigned.

6. Conduct and memorialize investigative interviews and generate investigative summary reports. Under the direction of the CISO, coordinate investigations as required with law enforcement, corporate legal, compliance and human resources.

Attract, retain, and lead a team of employees by educating, developing and managing them to deliver strong results. Provide training and mentoring of junior and mid-career team members.

Job Requirements

Key Knowledge and Skill Requirements

Strategic thinker with demonstrated history of solution-focused leadership with an emphasis on adaptive strategies to ensure constant evolution of skills and technology. Excellent problem solving, critical thinking, and analytical abilities. High tolerance for ambiguity and complexity. Intellectual curiosity and passion to drive results.

A highly motivated self-starter. A team player who understands how to build partnerships and consensus and who has the ability to motivate and manage others, and ensure assigned tasks and deliverables are being accomplished, reported and completed.

Qualifications / Experience

  • Bachelor's degree or computer science degree or equivalent
  • Minimum seven years of professional experience, including at least five years of adversary threat high-tech investigation program experience.
  • Two or more of the following certifications: CISSP, CISA, EnCE, CFCE, CHFI, CCFA, GCFE, OSCE.
  • History of independently leading investigations with minimal supervision and experience developing and mentoring staff.
  • Advanced understanding of common server, desktop, and mobile OS required. Understanding of mainframe OS preferred.
  • Experience with scripting tools required.
  • Knowledge of cloud computing platforms including Amazon AWS and Microsoft Azure.

Req ID: 42003