Manager, Cyber Security Threat Intelligence and Response (Remote)

Resp & Qualifications

• Manage initiatives within the full Information Security Program including directly overseeing the evaluation, development and implementation of security programs. Consults with internal stakeholders to meet client delivery, quality, and cost goals.
• Manages subordinate staff members in the day-to-day operations of cybersecurity.
• Creates a system of measurable metrics to effectively monitor the impact of the cybersecurity program.
• Manage the operational support capabilities that ensure Cybersecurity hardware, software, and features are installed, patched, and properly configured so that they may continually be effective at securing platforms.
• Ensures organizational procedures are aligned to maintain compliance with industry and regulatory standards.
• Monitors trends to ensure organizational efficiency in cybersecurity applications.

• CISSP Certified Information Systems Security Professional
• Certified Information Security Manager (CISM)
• CompTIA Advanced Security Practitioner (CASP)

• 5 years Related professional experience
• 1 year Supervisory experience or demonstrated progressive leadership experience

• Subject matter expertise in at least one of the following areas: Cyber Threat Hunting, Cyber Threat Intelligence or Digital Forensics & Incident Response.
• Experienced leading a team of threat intelligence analysts.
• Experience working with a variety of threat intelligence gathering and monitoring tools.
• Experience working within threat sharing communities.
• Experienced incident responder/leader.
• Experience with Incident Response methodology in investigations, and the groups behind targeted attacks and tactics, techniques, and procedures (TTPs).
• In-depth understanding of advesary tools, tactics and procedures.
• Experience with threat modeling.
• Knowledge of relevant frameworks, standards, and best practices such as NIST CSF, PCI-DSS, CIS CSCs, MITRE ATT&CK, Cyber Kill Chain etc.
• Work with detection engineers to develop monitoring and metrics to support detection of advanced TTPs.
• Develop and maintain effective documentation; including monitoring, hunting, and response playbooks, processes, and other supporting operational material.

• Ability to multitask and manage multiple IT vendor relationships.
• Ability to lead and work as part of a team.
• Ability to execute technology and tool automation processes.
• Deep knowledge of risk treatment and mitigation strategies.
• Knowledge of laws, regulations, policies, and ethics as they relate to cybersecurity.
• Thorough understanding of cyber threats and vulnerabilities.
• Must be able to meet established deadlines and handle multiple customer service demands from internal and external customers, within set expectations for service excellence. Must be able to effectively communicate and provide positive customer service to every internal and external customer, including customers who may be demanding or otherwise challenging.