Prestigious Enterprise Company is currently seeking a Director of Cyber Security Risk Operations and Threat. Candidate will be responsible for leading information security, appropriate use, and technology continuity risk events/incidents, and supports and maintains technical cyber risk management solutions.
Define, design, build, staff, and deliver to customers and stakeholders services to anticipate, detect and stop sophisticated cyber threats, conduct digital forensics investigations, detect and block appropriate use standard violations, recover from technology and facility continuity risk events, maintain and support all technical security and appropriate use solutions and process automation tools, manage the life cycle of identities and associated access rights.
Build and lead a 24x7 team of experienced cyber threat analysts to monitor and analyze security events by leveraging state of the art automation and manual threat hunting techniques with the goal of predicting and detecting information security incidents, and to tune and update automated threat detection solutions with newly available threat indicators/IOCs and detection rules.
Build and lead a team of security threat management solution designers and developers to envision, design, build, and implement automated threat detection and blocking solutions using behavior-based and indicator-based detection, machine learning-powered artificial intelligence, big data analytics and visualization, automated adversary deception, Real Time forensics, and other leading technologies.
Build and lead a team of experienced risk event analysts to monitor and analyze appropriate use events by leveraging state of the art automation with the goal of predicting, detecting and stopping appropriate use standard violations.
Build and lead a 24x7 team of senior incident response engineers and forensic investigators to contain, investigate, mitigate and recover from information security incidents and appropriate use risk events, to produce threat indicators/IOCs and share them within and across industries, and to conduct courtroom-quality forensic investigations in support of IT, HR, Legal, Compliance and other stakeholders.
Build and lead a team of cyber intelligence analysts to develop a formal threat modelling methodology, apply the methodology to create and update organization's threat profile, gather and analyze human-focused threat intelligence from commercial and public sources, and produce and disseminate intelligence reports to business leaders and risk management SMEs.
Collaborate closely with the leader of the Cyber Risk Solutions organization to form and lead a team of senior technology DR/continuity experts to monitor, predict and identify technology continuity risk events, to oversee, orchestrate, and manage the execution of technology recovery plans during risk events, and to ensure that appropriate functionality of technology solutions is restored in accordance with business requirements.
Collaborate closely with the leader of the Cyber Risk Solutions organization to form and lead a team of physical facility continuity experts to monitor, predict and identify facility continuity risk events, to facilitate and orchestrate the execution of recovery plans during risk events, and to ensure that business processes are restored to the appropriate level of functionality in accordance with business requirements.
Build and lead a 24x7 team of experienced security operations engineers to support and maintain enterprise technical security platforms, unique technical security solutions, security threat detection and response solutions, appropriate use risk event detection and blocking solutions, all major process automation tools (eg identity and access management process automation), and perform configuration administration, problem monitoring and resolution, performance monitoring and management, software life cycle management/patching, usage accounting, and disaster recovery activities.
Build and lead a team of security administrators and analysts to create, modify and delete identities, accounts, authentication credentials, authorization groups, security roles, and entitlements, to perform authorization recertification and reverification activities, and to manage the life cycle of security roles.
Build and lead a team of experienced security process automation solution designers and developers to envision, design, build, and implement solutions to automate the management of accounts, authentication credentials, authorization groups, security roles, and entitlements.
Establish and sustain strong working relationships with the organization's customers, stakeholders, federal and local law enforcement community (eg FBI, DHS, USSS), national intelligence organizations, and industry peers with similar responsibilities.
Partnering closely with the HR team hire, mentor, coach, train and manage the performance of the organization's leaders and individual contributors.
Develop and continuously evolve the organization's processes/methodologies, structure, culture, skills/experience, process support tools, knowledge resources, and other components.
Design and execute all of the organization's repeatable activities as mature (equivalent to CMMI maturity Level 3) processes.
Establish and maintain strong working relationships with industry peers and other external stakeholders including federal/local law enforcement agencies, industry organizations/consortia.
Communicate the status and accomplishments of the organization's operational activities and projects to company's executive leaders, peers in the IT organization, customers and stakeholders.
Partnering closely with the procurement and legal teams identify, select and actively manage the organization's suppliers, service providers and business partners.
Partnering closely with the Compliance and Audit teams ensure adherence to all applicable legal, regulatory and contractual requirements in all activities of the organization.
Manage the organization's operating and project budgets and ensure executive leadership's support for appropriate funding levels.
Instill and promote a strong results-oriented culture centered on business value creation, collaboration, commitment, merit-based recognition, personal development and external benchmarking.
Promote the company's image as a leader in setting strategy and developing services and capabilities as compared to competitors and peers in other industries.
Share leading practices and lessons learned in managing customer engagements, delivering services, and operating solutions with industry peers, other industries, professional consortia, and relevant government organizations.
Strong experience in senior leadership in the information security discipline in large enterprise organizations.
Exceptional written, visual and verbal communication skills and experience communicating effectively with executive business leaders and external customers.
Proven track record of identifying, hiring and retaining the top talent in cyber security, survivable system engineering, and IT risk management resource markets.
Experience in designing, building and managing global mission-critical 24x7 organizations that use a variety of staff sourcing models (co-sourcing, offshoring, etc.).
Experience in staffing, mentoring, coaching, and managing leadership teams consisting of multiple directors and senior managers.
Demonstrated track record of successfully developing and maturing cyber risk organizations with the emphasis on delivering results.
Deep understanding of and prior hands-on experience in all major information security, appropriate use, and survivable system engineering functions and activities including policy setting, vulnerability/risk research, security/availability architecture, system security/survivability engineering, incident response, cyber risk operations, cyber risk audit/compliance.
Track record of successfully executing profound organizational changes while maintaining support, buy-in and commitment from all stakeholders.
Complete architecture-level understanding of all major information security and appropriate use enforcement technology solutions including advanced malware detection/prevention, mobile device virtualization/MDM, cloud security management, structured and unstructured database encryption, mobile application and remote API security, fine-grained application authorization and access control, security event visualization, big data user and entity behavior analytics, active adversary deception, and others.
Deep understanding of all applicable regulatory standards and requirements including HIPAA, NAIC ORSA, FISMA, NAIC MAR, and others.
Demonstrated ability to influence business leadership and cross-functional teams.
Proven track record of managing all aspects (scope, budget, schedule, quality) of cross-functional large-scale IT/business projects in Fortune 100 scale global environments.
Externally recognized information security and IT risk management industry thought leadership and innovation accomplishments.
Strong skills and experience in designing and documenting complex processes, and identifying and eliminating deficiencies in existing process designs.
Understanding of contemporary security vulnerabilities, exploitation techniques and attack vectors.
Demonstrated ability to establish and maintain strong working relationships with external customers, suppliers, business partners, industry peers.
CISM or CISSP is strongly preferred.