Senior Director, Security Operations
Gibson Dunn · New York, NY · 1 wk ago
HybridInformation Technology$305/hrFull-time
Responsibilities
- Developing, managing and evolving a comprehensive, state-of-the-art threat hunting, event analysis and incident response capability.
- Performing detailed and complex analysis tasks, including malware analysis.
- Providing technical leadership for all relevant information security platforms.
- Serving as the final escalation point for issues related to threat hunting, event detection/analysis and incident response.
- Overseeing and directly participating in the administration of the firm’s SIEM and other relevant information security technology platforms.
- Taking the lead role in responding to and containing information security related incidents.
- Ensuring IOAs and IOCs are timely integrated into relevant systems and platforms.
- Managing/curating threat intelligence both human and machine readable.
- Partnering with IT managers to develop and maintain best practices and policies for security of all internal systems.
- Communicating with firm Senior Leadership in the absence of or as directed by the Chief Information Security Officer.
- Playing a primary role in the selection of new information security technologies.
- Overseeing and directly participating in the installation, configuration, and monitoring of relevant information security technologies.
- Assisting in the development and knowledge transfer to information security team members, as well as other IT or firm groups.
Qualifications
- Strong written and oral communication skills.
- Excellent customer service skills and sense of urgency when resolving issues.
- Organized, responsive and highly thorough problem solver.
- Ability to relate to non-technical users in user-friendly language.
- Ability to understand the technical implications of security threats.
- Ability to effectively prioritize and action threat intelligence.
- Ability to work collaboratively across departments.
- Ability to motivate and lead a team of diverse technical professionals.
- Ability to manage multiple concurrent objectives or activities, and effectively make judgments in prioritizing and time allocation in a high-pressure environment.
- Ability to write clear and concise reports, including executive summaries.
- Must demonstrate the ability to maintain strict confidentiality of the firm's internal and personnel affairs.
Experience
- University Degree in a technology related discipline or 4 years of relevant experience.
- Graduate Degree in a cybersecurity discipline is preferred.
- CISSP certification is required.
- Any two of the following certifications is required: CISM, CSX-P, GIAC GREM OSCP, GIAC GCIH.
- 1-3 years of full-time experience leading and managing information security professionals.
- 3-5 years of full-time experience in a cybersecurity role dedicated to incident response, digital forensics, threat hunting or event analysis.
- 5-7 years of combined experience in intelligence, cybersecurity or information technology.
- Strong knowledge of information security principles and practices.
- Experience with incident response and analysis, preferably in a leadership role.
- Strong working knowledge of DFIR tools and techniques.
- Experience performing packet analysis.
- Strong knowledge of security implications involving a variety of technologies, including but not limited to SaaS platforms and SaaS as infrastructure, Microsoft, Cisco, Unix/Linux, and other market leaders in technology solutions, including mobile devices.
- Strong knowledge of SIEM and data analytic concepts, including extracting, manipulating and combining diverse data sets.