Summary:
The Director, Security Operations should have an innate interest in building tools, be comfortable working with new technologies, and have a strong enthusiasm for enabling business operations through secure designs. The Security Operations Center moves quickly: no single day is the same as the previous day, and the team interacts with a wide variety of stakeholders. Everyone on our team must welcome learning from and working with colleagues from a variety of backgrounds, roles, and needs. Reporting to the Vice President of Security Operations, this role will be responsible for leading our Security Operations Team and driving it to the next level of our Capability Maturity. Our Security Operations team handles SOC operations, Incident Detection and Response enriched by Threat Intelligence, and Vulnerability Management at all layers of the stack. This team is also responsible for identifying, deploying and maintaining the tools required to provide these services.
Essential Job Functions:
Lead and coach our Security Operations and Incident Response Team to ensure prompt mitigation of any security threat.
Define, deploy and tune our Detection and Response platforms to ensure appropriate visibility across the enterprise.
Own, manage and administer the Security Incident and Event Management (SIEM) system.
Manage the Incident Response plan and develop SOPs and playbooks for Blue Team operations.
Manage Endpoint Detection & Response (EDR) tooling and processes to ensure maximum effectiveness.
Manage vendor partners to ensure the enterprise gets maximum value from engagements (right-size, define KPIs, etc.).
Run a Vulnerability Management program to ensure that we have complete coverage, accurate and up-to-date data on our vulnerability posture and a process to quickly remediate vulnerabilities.
Keep current on information security risks, threat vectors and indicators of compromise. Keep current on technology trends for Blue Team tools.
Maintain regular and punctual attendance.
Other Related Duties:
Performs other related duties as assigned.
Supervisory Responsibilities:
This position has direct reports and has manager responsibilities. Manages staff and carries out supervisory responsibilities in accordance with the organization's policies and applicable laws. Responsibilities include interviewing, hiring, and training employees; planning, assigning, and directing work; appraising performance; rewarding and disciplining employees; addressing complaints and resolving problems.
Qualifications:
To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skill and/or ability required.
Ability to work under pressure and handle multiple priorities.
Ability to drive strategic direction.
Strong knowledge of the Cisco security suite of tools, including Cisco Firepower, Cisco ASA, Cisco Umbrella, Cisco Identity Services Engine, and Cisco Stealthwatch.
Strong leadership, decision-making, planning, debugging, and problem-solving skills.
Strong design and technical expertise.
Education and/or Experience:
Bachelor's degree or equivalent experience.
Minimum ten (10) years of recent Security Operations leadership experience.
Certificates, Licenses, Registrations:
Security certification - GIAC, ISC2 or ISACA certification(s).
Language Skills:
Ability to read and interpret documents such as policy and procedure manuals, safety rules, operating and maintenance instructions. Ability to write routine reports and correspondence. Ability to speak effectively before groups of customers or employees of the organization.
Mathematical Skills:
Ability to calculate figures and amounts such as percentages. Ability to apply concepts such as fractions, percentages, ratios, and proportions to practical situations.
Reasoning Ability:
Ability to apply common sense understanding to carry out instructions furnished in written, oral, or diagram form. Ability to deal with problems involving several concrete variables in standardized situations.
Physical Demands:
The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. While performing the duties of this job, the employee is frequently required to sit and talk or hear. The employee is occasionally required to stand; walk; use hands to finger, handle, or feel; and reach with hands and arms. The employee must occasionally lift and/or move up to 25 pounds.
Work Environment:
The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job. Work is normally performed in a typical interior work environment which does not subject the employee to any hazardous or unpleasant elements.
Equal Employment Opportunity:
Archwell is committed to providing equal employment opportunities to all employees and applicants without regard to race, ethnicity, color, sex, marital status, sexual orientation, gender identity or expression, pregnancy, religion, national origin, age (40 and over), disability, military status, genetic information or any other basis protected by applicable federal, state, or local laws.
Americans with Disabilities Act:
Applicants as well as employees who are or become disabled must be able to satisfactorily perform the essential job functions of the position either with or without reasonable accommodation. Applicants as well as employees are encouraged to meet with Human Resources as the organization shall review reasonable accommodations on a case-by-case basis in accordance with applicable law.
Job Responsibilities:
The statements reflect the general duties and responsibilities considered necessary to perform the essential functions of the job and should not be considered as an all-inclusive list of all the work requirements of the position. Archwell may change the specific job duties with or without prior notice based on the needs of the organization.