Cyber Security Operations Director

Cyber Security Operations Director Job Posting

Job Description:

Job Title

Cyber Security Operations Director

Experience Required

10-20 years

Job Location

NYC in midtown Manhattan

Required Skills: Director, Cyber Security Operations, CISSP

The successful Cyber Security Operations Director candidate must have a significant background in cyber security at the most senior levels, with a consultative/operational skill set. This is an extremely high-profile role requiring excellent English communication skills (written and verbal) and a history of interfacing with the highest levels of corporate management.

Duties and tasks to be performed include, but are not limited to:

  • Identify, respond, and mitigate sophisticated threats and coordinate efforts with portfolio companies
  • Conduct incident response activities, including advanced investigation (forensics, malware analysis, root cause analysis, etc.), to investigate potential intrusions and develop remediation guidance
  • Perform the activities necessary for the immediate, short-term rapid resolution of incidents to minimize risk exposure and production downtime
  • Maintain a professional, communicative relationship with management to provide information throughout the incident, problem, and change management cycles
  • Coordinate and drive efforts among multiple business units during response activities and post-mortems
  • Proactively monitor the internal and external-facing environment using security capabilities
  • Provide timely, comprehensive and accurate information to portfolio company leadership in both written and verbal communications
  • Proactively research and monitor security-related information sources to aid in the identification of threats to portfolio networks, systems and intellectual property
  • Lead and mentor other staff members on incident response, analysis and tools
  • Routinely develop and update incident response playbooks to ensure response activities align with best practices, minimize gaps in response and provide comprehensive mitigation of threats
  • Develop threat awareness and education briefings
  • Maintain technical proficiency in the use of tools, techniques and countermeasures
  • Maintain professional knowledge of trends in computer and network vulnerabilities and exploits
  • Responsible for the development and ongoing reporting of program metrics
  • Participate in the production of cohesive technical intelligence reports
  • On call and after hours work can be expected


Basic Qualifications:

  • BA/BS degree in Information Technology or Information Security, Computer Science, Intelligence analysis, cyber security or another related field of study
  • Overall 10+ years of professional experience, with 7+ years in cyber security operations
  • Candidate must have knowledge of cyber terminology, tools, and concepts
  • Expert technical proficiency in the following areas: network communication using TCP/IP protocols, basic system administration, malware (malware communication, installation, malware types), computer network defense operations (proxy, firewall, IDS/IPS, router/switch, open source information collection)
  • Unix/Linux background & work experience
  • Experience with and knowledge of cyber incidents and APT intrusion sets
  • Demonstrated experience with information security tools (SIEM, FPC, signature development)
  • Demonstrated experience with networking, system administration, architectures and security elements
  • Resource must be able to identify and interpret logs from various servers and services such as Firewall, web, SQL, and applications

Desired skills:

  • The candidate should have the ability to build intrusion-related data visualizations and perform analysis (e.g., using I2 Analyst Notebook, Maltego)
  • Effective communication skills (both written and verbal)
  • Demonstrated excellent customer service and teaming skills
  • Experience researching and tracking APT campaigns
  • Conceptual understanding of the Cyber Kill Chain, Intelligence Driven Defense and/or Diamond modeling of cyber threat activity
  • Experience working with and managing service providers
  • Malware/reverse engineering experience
  • Enterprise incident handling experience
  • Forensic analysis experience
  • Programming and scripting experience, should be comfortable with regular expressions
  • Advanced proficiency in network analysis and using network security tools
  • Experience with architectures and security elements
  • Proven accountable, dependable and reliable work ethic

Experience with the following technologies desired:

  • Windows, Mac, Linux, AIX
  • Palo Alto Firewalls
  • Microsoft Office 365 SPE Security Suite
  • CrowdStrike Falcon or similar EDR
  • Splunk
  • Tanium
  • Nexpose and Metasploit
  • Mimecast
  • ServiceNow
