Job Description :
· Job Title - Cyber Security Operations Director
· Salary – Open / Full-time
· Experience – 10-20 years
· Job Location – NYC - mid-town Manhattan

NO VISA SPONSORSHIP

Must Have - Must have a significant background in Cyber Security at the most senior levels, with a consultative/operational skill set. This is an extremely high-profile role requiring excellent English communication skills (written & verbal) and a history of interfacing at the highest level of corporate management.

o Duties and tasks to be performed include, but are not limited to:
· Identify, respond, and mitigate sophisticated threats to our Client and coordinate efforts with portfolio companies
· Conduct incident response activities, including advanced investigation (forensics, malware analysis, root cause analysis, etc.), to investigate potential intrusions and develop remediation guidance
· Perform the activities necessary for the immediate, short-term rapid resolution of incidents to minimize risk exposure and production down-time
· Maintain a professional communicative relationship with clients and management to provide information throughout the incident, problem, and change management cycles
· Coordinate and drive efforts among multiple business units with the companies during response activities and post-mortem
· Proactively monitor internal and external-facing environments using security capabilities
· Provide timely, comprehensive and accurate information to our Client and portfolio company leadership in both written and verbal communications
· Proactively research and monitor security-related information sources to aid in the identification of threats to our Client and portfolio networks, systems and intellectual property
· Lead and mentor other staff members on incident response, analysis and tools
· Routinely develop and update incident response playbooks to ensure response activities align with best practices, minimize gaps in response and provide comprehensive mitigation of threats.
· Develop threat awareness and education briefings
· Maintain technical proficiency in the use of tools, techniques and countermeasures
· Maintain professional knowledge of trends in computer and network vulnerabilities and exploits
· Responsible for the development and on-going reporting of program metrics
· Participate in the production of cohesive technical intelligence reports
· On call and after hours work can be expected

o Basic Qualifications:
· BA/BS degree in Information Technology or Information Security, Computer Science, Intelligence analysis, Cyber Security or another related field of study
· 10+ years of overall professional experience, with 7+ years in Cyber Security Operations
· Candidate must have knowledge of cyber terminology, tools, and concepts.
· Expert technical skills proficiency in the following areas: network communication using TCP/IP protocols, basic system administration, malware (malware communication, installation, malware types), computer network defense operations (proxy, firewall, IDS/IPS, router/switch, open source information collection)
· Unix/Linux background & work experience
· Experience with and knowledge of cyber incidents and APT intrusion sets
· Demonstrated experience with information security tools (SIEM, FPC, signature development)
· Demonstrated experience with networking, system administration, architectures and security elements
· Must be able to identify and interpret logs from various servers and services, such as firewall, web, SQL, and application logs.

o Desired skills:
· The candidate should have the ability to build intrusion-related data visualizations and perform analysis (e.g., using i2 Analyst's Notebook, Maltego)
· Effective communication skills (both written and verbal)
· Demonstrated excellent customer service and teaming skills
· Experience researching and tracking APT campaigns
· Conceptual understanding of the Cyber Kill Chain, Intelligence Driven Defense and/or Diamond modeling of cyber threat activity
· Experience working with and managing service providers
· Malware/ Reverse Engineering experience
· Enterprise incident handling experience
· Forensic analysis experience
· Programming and scripting experience, should be comfortable with regular expressions
· Advanced proficiency in network analysis and using network security tools
· Experience with architectures and security elements
· Proven accountable, dependable and reliable work ethic
· SANS GIAC GCIH/GCFA, CISSP
· Experience with the following technologies:
§ Windows, Mac, Linux, AIX
§ Palo Alto Firewalls
§ Microsoft Office 365 SPE Security Suite
§ CrowdStrike Falcon or similar EDR
§ Splunk
§ Tanium
§ Nexpose and Metasploit
§ Mimecast
§ ServiceNow