Office Location or Remote - USA
26 days ago
Executive Director, Security Operations and Incident Response

We’re looking for a security-minded, hands-on leader with extensive Incident Response (IR) and Threat Intelligence experience to support our global 24x7 security monitoring and IR programs. The candidate must be an experienced incident response leader with a strong track record of coordinating cross-functional teams (Compliance, Legal, HR, Corporate IT, Product Engineering, Customer Support) and executive leadership through response and recovery from major security incidents (e.g. data breaches, ransomware), with minimal impact to the business. The candidate must have strong operational knowledge of the security tool landscape and a track record of optimizing and automating processes to achieve measurable efficiency and accuracy gains. This role is integral to the Cybersecurity program and works directly alongside the Security Architecture / Engineering, Tech Infrastructure and Network teams.

Responsibilities 

- Be a thought leader and industry expert for all functions under Security Operations
- Develop and lead a team of cybersecurity experts to manage global Security Operations functions such as monitoring and detection, incident response, threat and vulnerability management, threat intelligence, digital forensics & investigations, threat hunting, and insider threat
- Develop and execute on Security Operations strategy, and partner with Security Architecture and Engineering to deliver new or enhance existing security controls and analyze/maintain new or existing security applications/products including SIEM, vulnerability management tools, intrusion detection and prevention, data leakage protection, network security analysis, firewalls (network and application), and Cloud security controls
- Proven experience developing SIEM and logging feeds architecture and creating processes that translate logs into actionable security events
- Engage with executive-level leaders, including board members and customers, to explain concepts and present roadshows for major initiatives and programs
- Lead global security operations projects and act as the leader and mentor to Security Operations Engineers
- Design and implement security processes to support security monitoring and incident response using best-in-class security engineering principles; experience with the MITRE ATT&CK Framework and its Tactics and Techniques
- Strong experience with security metrics and measurements and process automation: understand how to measure monitoring/IR processes and how to improve them based on historical data
- Partner with Security Engineers to identify and evaluate best-in-class security solutions, plan production deployments, and help document runbooks accordingly
- Lead or coordinate enterprise cybersecurity tabletop exercises across cross-functional teams
- Lead and develop processes to support a cybersecurity forensics and investigations program
- Develop and own the Global IR plan, and be familiar with IR processes and protocols, including Attorney-Client Privilege and industry laws, rules, regulations and control frameworks such as HIPAA, HITRUST, and FedRAMP

Knowledge and Skills 

- Strong understanding of security monitoring and incident response processes and concepts
- Strong understanding of MITRE TTPs or similar
- Familiarity with control frameworks such as HIPAA, HITRUST, FedRAMP, SOC1/SOC2, and PCI
- Demonstrated past contributor and “plugged-in” to the threat intelligence community and various industry sources
- Understand what it means to “think like a hacker” and take the attacker’s viewpoint
- Familiarity with Dark Web and related concepts
- Experience with operating security tools such as Intrusion Detection/Prevention Systems, Email Security, Data Security, Cloud Security, Network and Application Security
- Familiar with scripting languages and ability to develop scripts to support logging, monitoring and detection

Required Experience 

- 10+ years of relevant security operations and threat intelligence experience
- 10+ years of IT experience
- 5+ years of leadership and leading teams

Preferred Experience 

CISSP or equivalent 

 

Key Differentiator 

- Security Operations, Incident Response and Threat Intelligence experience
- Real world experience managing data breaches and major security incidents
- Strong communicator, who can remain calm while facing adversity, and who can partner internationally with cross functional technology, security and executive management leaders
- Self starter, takes initiative with strong conviction

Estimated Salary range for this position: $136,000 - $197,000

The base salary range represents the anticipated low and high end of GHX’s salary range for this position. Actual salaries will vary and will be based on various factors, such as a candidate’s qualifications, skills, competencies and proficiency for the role. The base salary is one component of GHX’s total compensation package for employees. Other rewards and benefits include: health, vision, and dental insurance, accident and life insurance, 401k matching, paid time off, and education reimbursement, to name a few. To view more details of our benefits, visit us here: https://www.ghx.com/about/careers/
