What part will you play?
You will lead the Security Incident Response Team (SIRT) and Security Operations Center (SOC) as part of the organization's Counter Threat Unit (CTU). The CTU's primary purpose is to serve as the company's first line of defense against cyber security threats. This mission includes protecting leading-edge technology for some of the largest websites and broadcast environments in the world, including CNN, TBS, TNT, Bleacher Report, etc. The team is also charged with ensuring the cyber security of news correspondents and offices across the globe in a wide variety of locations.
What will you be doing?
- Lead the execution of the operational activities to prevent, detect and respond to attacks
- Develop innovative ways to detect threats and anomalous behavior leveraging host, network, and data logs and detection tools
- Manage a global team (Asia Pac, LATAM, Americas) of security analysts responsible for responding to cyber attacks
- Mentor and train new personnel
- Provide leadership and support during security incidents and investigations
- Drive root-cause identification and translate the findings into opportunities to mitigate risk
- Optimize the processes to respond and investigate detected attacks
- Drive the deployment and effective implementation of security tools across the environment
What do we require from you?
- 5+ years' experience within information security
- At least 5 years' experience operating as part of a cyber-defense organization
- Mastery of one or more of the following: SIEM deployments, Host Forensics, Network Forensics, Malware Reversing, Intrusion Detection, Anomaly Detection, Threat Research
- Experience with Splunk and knowledge of endpoint agents, e.g. FireEye, CrowdStrike, Carbon Black
- Experience with security orchestration platforms (e.g. Phantom, Demisto, Resilient) a plus
- Threat intelligence and hunting experience a plus
- In-depth knowledge of Windows, OS X and/or *nix operating systems
- Experience protecting large internet facing applications is a plus
- Experience managing teams and/or larger projects
- Ability to convey complex technical analysis to senior management via investigation synopses, graphical depictions of attacks, and comprehensive presentations
- Able to manage vendor relationships for security services and technical platforms
- Strong English verbal and written communication skills
- Ability to multitask and prioritize work effectively
- Highly motivated self-starter
- Responsive to challenging assignments
- Attention to detail
- Ability to document and explain technical details in a concise and understandable manner
- Strong sense of ownership and driven to manage tasks to completion