Director, Security Operations
Moorestown, NJ, USA | Comcast
Industry: Media / Entertainment
IT / Information Technology
Job Description:
The Director of Incident Response leads the company's enterprise-wide Cybersecurity Operations practice, which includes the 24x7 Security Fusion Center operations team. Under the guidance of the CISO and team, CCS is responsible for comprehensive information and cyber security across both the Enterprise and our Xfinity branded technology platforms. Responsibilities include providing day-to-day leadership of a team of security specialists monitoring security events, as well as leadership for the execution of response and remediation activities, minimizing overall risk to the business. Excellent communication skills and business acumen are essential.
Partner with other security organizations and key internal stakeholders to ensure that the security monitoring strategy is in conformity with the overall security strategy.
Provide guidance and content expertise on the content and quality of logs across broad technology platforms.
Manage and develop the Security Operations program, strategy, policies and processes; assist in creating and maintaining appropriate security policies and procedures governing data, networks, and application systems.
Analyze, recommend and implement monitoring and compliance procedures based on external and internal information security risk and vulnerability assessments.
Maintain security and operational efficiency metrics through comprehensive reporting, including dynamic data mining, historical reporting, self-auditing and tracking capabilities.
Maintain and update the corporate-wide cyber incident response and crisis management plans, and manage escalations and notifications to key stakeholders and executive leadership.
Manage security forensics activities on potentially compromised systems and unauthorized changes to production configurations.
Manage the 'Chain-of-Custody' for all evidence collected during security investigations.
Build efficiencies in incident tracking and handling via automation.
Provide input to other security disciplines on projects or efforts based on cyber activity or threats encountered by the Security Fusion Center.
Ability to direct the team and manage simultaneous large/small projects with minimal supervision.
Work with internal teams to continually improve processes used to identify security issues.
Provide coaching and mentoring to security operations people leaders and team members, recommend training as appropriate, and provide guidance and direction to staff related to career planning.
Knowledge of Security Incident Event Management systems
Ability to direct teams located at multiple locations and able to track & manage simultaneous activities
Ability to facilitate activities, tasks and deliverables of managed services providers.
Possesses strong written and verbal communication skills with both technical and non-technical audiences.
Cool under pressure, objective and diplomatic.
Strong analytical skills.
Able to work collaboratively with minimal supervision as part of a multi-disciplinary team.
Understands when to escalate and can influence without direct authority.
Strong human relations skills to select, develop, mentor, discipline and reward employees.
Must be flexible in work schedule to allow for management of a 24x7 team.
7+ years of experience leading Cyber Security Operations teams utilizing a Security Incident Event Management solution
Minimum 10+ years of experience in monitoring security events and security incident handling
Minimum 10+ years in security incident response and technical forensics investigation
Minimum 10+ years of experience with network-based security mitigation systems or tools
Firm understanding of security controls and best practices to secure varying platforms (i.e., network, operating system, databases and application layers including web and source code security)
Proven track record managing security-focused teams
Demonstrated experience in developing and implementing an operational security strategy in a large, complex environment with successful outcomes.
Proven analytical and problem-solving ability
Comfortable interfacing with other internal or external organizations regarding failure and incident response situations.
Education Level: Bachelor's Degree or Masters Preferred