Job Description:
• Lead 24x7 Threat Detection and Response Analysts providing operational and strategic planning
• Work closely with customers on reporting, stewardship calls, and escalations
• Enforce all policies and procedures, including those for security, disaster recovery, standards, and service provision
• Drive continuous refinement and improvement of threat detection and response and incident response processes
• Oversee the security of Client systems via Advanced Fusion Center (AFC) service
• Keep current with the latest vendor updates, expansion opportunities, and technology directions
• Collaborate and consult with other Managers on the overall advancement of the Security Operations organization and Optiv in general
• Direct and drive process and documentation improvement
• Manage staffing including recruitment, supervision, scheduling, development, evaluation, and disciplinary actions
• Develop and maintain an educational environment where the knowledge and performance of the group are constantly advancing
• Perform staff performance appraisals
• Ensure timely reporting of security control gaps and vulnerabilities to the customer
• Prepare reporting of metrics and trending of SLA & KPIs to the customer and client support staff
• Stay abreast of evolving risks, new developments in the security industry, and industry best practices in risk management, threat analysis, and threat response techniques
• Attend info security-related events and network with industry peers
Requirements:
• 12+ years professional IT and Information Security experience
• 5+ years leading technical Threat Detection and Response teams
• 5+ years professional experience in cyber operations centers
• 3+ years professional experience in managed services
• One or more certifications in Security/Networking including Security+, GSEC, GCIA, GCIH, CISSP, CISM, CISA, or other security-specific vendors/product certifications
• Proven ability to make decisions and perform complex problem-solving activities under pressure
• Advanced business acumen required
• Sharp analytical abilities and the ability to make sound decisions quickly are required
• Deep understanding of SIEM vendors, solutions, and architecture such as LogRhythm, QRadar, Splunk, Exabeam, etc.
• Deep understanding of EDR vendors, solutions, and architecture such as CrowdStrike, Cylance, Carbon Black, Microsoft ATP
• Deep understanding of regulatory compliance frameworks such as NIST, SOX, HIPAA, NERC CIP, PCI, etc. and their differentiators across global regions
• Deep understanding of laws pertaining to cybersecurity and their differentiators across global regions
• Understanding of Security Orchestration, Automation, and Response concepts
• Experience working with ticketing and knowledge management systems such as ServiceNow
• Experience with ITIL concepts and practices
• Experience with security analytics platforms such as Kibana
• Experience with reporting platforms such as Domo and Power BI
Benefits:
• Work/life balance
• Professional training resources
• Creative problem-solving and the ability to tackle unique, complex projects
• Volunteer Opportunities
• “Optiv Chips In” encourages employees to volunteer and engage with their teams and communities
• The ability and technology necessary to productively work remotely/from home (where applicable)