Job Title: Sr. Director, Cyber Defense
Location: Bay Area, CA (Hybrid onsite 2x / week)
Type: Direct Hire
Bottom Line / In a Nutshell
- 10-15+ years' experience in Information Security with demonstrated and progressive responsibility and influence
- 5-10+ years' experience in leadership positions
- Must have strong Security Operations and Incident Response experience
- Experience using Attack Frameworks such as MITRE and Cyber Kill Chain
- Broad knowledge of major technologies, platforms, and systems (SIEM technologies, secure internet gateways, EDR/MDR, IDS, SOAR, IPS, Email flow and Security Architecture, Engineering, etc.)
- Ability to develop strategic vision and perform 5-year planning
- Strong communication skills both written and verbal and able to effectively operate with VP and above executives.
- Knowledge of industry standard frameworks such as NIST, ISO, PCI, HIPAA
Job Description:
The Cyber Defense Sr. Director is a senior level leader responsible for Cybersecurity prevention and incident response functions with prior "hands-on" technical security expertise. This role is responsible for leading the team in identifying protective measures, researching cyber incidents, conducting comprehensive investigations, directing threat intelligence, proactive threat hunting, and other related activities necessary in leading a multi-level Security Operations Center (SOC).
The successful candidate is able to lead the advancement of this overall security function and take it to the next level of maturity which may include building and/or taking on other related security functions such as security analytics, Threat Management, and/or managing support and engineering of SOC related technologies.
During an incident, this role leads all detection and response activities and acts as the Incident Commander, working with cross-functional teams across IT, the business, and 3rd party resources to eradicate, contain, and recover from a cyber incident. This role possesses strong communication skills as they engage and provide updates to the senior leadership team.
This senior leader stays connected with the evolving threat landscape and possesses deep expertise around industry best practices in various aspects of IT and Cybersecurity. This role is also responsible for bringing forward broad cybersecurity expertise and thought leadership to assist the CISO in developing and implementing a comprehensive information security strategy that aligns with the organization's goals and objectives. The successful candidate will work collaboratively with business and technical teams to identify security risks, implement security controls, and ensure compliance with applicable laws and regulations to protect the organization's systems and data.
Essential Functions
- Leads Cyber Defense team and other related functions to defend against cyber-attacks and to protect the organization during a cyber-incident
- Stays aware of external threats and events and applies tactics to protect against them
- Builds relationships with internal business partners such as Finance, Legal, HR to help guide them during security incidents
- Partners with engineering and delivery teams to implement capabilities that protect the organization
- Communicate to internal and external partners to convey technical information in an easy-to-understand way.
- Develops and maintains Incident Response Plan and holds training to ensure readiness
- Ensures IR playbooks are maintained and distributed as appropriate.
- Present monthly status reports to show internal event and incident trends
- Document incidents and provide regular updates to leadership.
- Develops an Incident Response Steering team to guide the program growth
- Take internal precautions to protect against known 3rd party breaches with Partners, Vendors, and suppliers.
- Stays aware of ongoing projects to ensure Cyber Defense programs protect new and changing systems
- Maintains a strong understanding of current cybersecurity threats and countermeasures, such as Advanced Persistent Threats (APTs), cyber-crime, hacktivism, and associated tactics.
- Assist CISO in optimizing and improving security functionality of existing technologies and controls.
- Engage cross-function IT teams such as Architecture, Engineering, and Application teams
- Assist CISO in developing security strategy and roadmap. Work with business and IT owners to help define, develop, and maintain strategic and tactical programs and plans.
- Partner closely with CISO, Chief Security Architect, Security Delivery & Engineering, and GRC teams
- Knowledge of industry standard frameworks such as NIST, ISO, PCI, SOX, HIPAA.
COMPETENCIES:
People:
- Building Effective Teams (for managers of People and/or Projects)
- Developing Talent (for managers of People)
- Collaboration
Self:
- Leading by Example
- Communicates Effectively
- Ensures Accountability and Execution
- Manages Conflict
Business:
- Strategic Agility
- Business Acumen
- Plans, Aligns and Prioritizes
- Organizational Agility
With particular emphasis on the following specific position-related competencies:
- Strong influencing skills, both within the IT organization and business units
- Solution oriented; on-time and on-budget win-win mentality
- Customer centric approach with a drive for results and quality of work
- Self-critical, able to evaluate past failures objectively with focus on continuous improvement
- Strong interpersonal skills
QUALIFICATIONS AND SPECIAL SKILLS REQUIRED:
- At least 10 to 15 years of experience in Information Security with demonstrated and progressive responsibility and influence.
- 5 to 10 years leadership experience
- Experience using Attack Frameworks such as MITRE and Cyber Kill Chain
- Possess a strong understanding of SIEM technologies, secure internet gateways, EDR/MDR, IDS, SOAR, IPS, Email flow and Security
- Broad knowledge of major technologies, platforms, and systems.
- Ability to develop strategic vision and perform 5-year planning
- Experience writing system requirements
- Experience managing service providers/integrators, including offshore services.
- Strong analytical ability, judgement, and problem analysis techniques
- Strong communication skills both written and verbal and able to effectively operate with VP and above executives.
- Knowledge of industry standard frameworks such as NIST, ISO, PCI, HIPAA.
- Strong interpersonal skills with the ability to work effectively in a matrixed organization.
- Ability to work with teams that are geographically distributed.
- Demonstrated ability to execute financial analysis, such as TCO models and ROI.
- Some travel may be required.
SUPERVISORY RESPONSIBILITIES:
- Managing the recruitment, retention, and career development of internal staff.
- Managing, mentoring, and leading professional services staff as needed
- Manages a team of Security Engineers
This Is a Great Opportunity With a First-class Company
RED SKY Career Opportunities at: redskyconsulting.co/career-portal
RED SKY Consulting Candidate and Client Referral Program!
2500
Do you know other IT professionals?
Turn those relationships into Money & help friends get work
RED SKY Consulting is offering a fantastic opportunity for you to earn extra money.
If you refer to us a Manager of people or skilled professionals, we will link your name to that person for 18 months.
If we employ or place that individual or place people into that company thru that manager
RED SKY Consulting Company Overview
We are an IT and Cybersecurity staffing solutions, professional services, management consulting, and executive placement company with thousands of resources across multiple IT and Cybersecurity skill sets. Our primary US locations are Chicago, New York, Los Angeles, Atlanta, Nashville, Tampa and Denver, and we have organizational arms in other domestic cities along with offshore alliances in India and Ireland. RED SKY has a 15+ year history of providing great technology talent. RED SKY has many clients, including 7 of the Fortune 10, half of the Fortune 100, and 25% of the Fortune 500 companies, with the manufacturing, financial services, health care, government, consumer services, insurance, and several other industry verticals represented.
The RED SKY Foundation is being formed and will be providing fully funded college educations to underprivileged young adults in partnership with our clients starting 2022.
Keys: Sr. Director, Cyber Defense, SOC, Incident Response, Information Security, NIST, ISO, PCI, SIEM, SOAR