Sr Manager Info Security

Job Description

Team Lead, Cyber Incident Response Team (CIRT)Who are we As a company built on the foundation of Privacy by Design, for more than 20 years Neustar s unique capabilities have made us the leader in the field of responsible identity resolution. Neustar enables trusted connections between companies and people at the moments that matter the most, with world-class and industry leading solutions in Marketing, Risk, Communications, Security and Registry services.Neustar is searching for an experienced Director to lead our Threat Detection team. In this role, you will be responsible for solving hard problems using cutting edge technology in the areas of engineering, alert development, and monitoring.Do you have a strong background and experience with the following If so, we want to meet you!

• Departmental responsibility for 24x7 CIRT team
• Cyber drills and preparedness plans
• Cyber forensics and threat hunting

PRIMARY RESPONSIBILITIES

• Provide timely detection, identification, and alerting of possible attacks/intrusions, anomalous activities, and misuse activities and distinguish these incidents and events from benign activities.
• Lead the construction of signatures which can be implemented on cyber defense network tools in response to new or observed threats within the network environment or enclave.
• Monitor external data sources (e.g., cyber defense vendor sites, Computer Emergency Response Teams, Security Focus) to maintain currency of cyber defense threat condition and determine which security issues may have an impact on the enterprise.
• Characterize and analyze network traffic to identify anomalous activity and potential threats to network resources. Responsible for all incident response activity and reporting.
• Develops, designs, and implements metrics/dashboard reporting for key business management initiatives, and/or other ad hoc needs to support CIRT business objectives and strategic imperatives.
• Strategically advises and/or distributes/shares reports with stakeholder groups to optimize visibility of CIRT leadership and the CIRT role to contribute to businesses of Company.
• Analyze and report organizational security posture trends.
• Provide thought leadership to implement best practices to detect malicious activity in a fast-paced, ever-changing technology environment
• Engage with internal teams, industry partners, and information sharing centers to leverage intelligence about the threat landscape and prioritize the creation of signatures
• Analyze and define data requirements and specifications for log ingestion and new security products
• Coordinate and provide expert technical leadership to enterprise-wide cyber defense operators to resolve cyber defense incidents.
• Coordinate with enterprise-wide cyber defense staff to validate alerts and conduct continuous testing.
• Demonstrate a deep knowledge of adversary techniques and emerging threats that could adversely impact business activities

Overall Responsibilities:BASIC QUALIFICATIONS

• Bachelor s degree in Computer Science, Management Information Systems (MIS) or a related field of study; or equivalent professional experience in a similar role
• At least 6 years of experience working with Host- and Network-based Intrusion detection and prevention systems like NIDS or NIPS, including signature development and event alert analysis.
• At least 6 years of experience working with cyber threat intelligence, including identification and categorization of APT actors and integrating threat intel with cyber defense capabilities

PREFERRED QUALIFICATIONS

• 7 years of related experience, specifically in Engineering/IT Operations, Security Operations, Vulnerability Management and/or Incident Response
• 7 years of experience in business process management, program management and/ or consulting
• Experience with advanced computer exploitation methodologies preferred, including analysis tools such as Encase or Helix, and or Crowdstrike
• Previous hands on supervisory experience with multiple direct reports, highly preferred.
• Security Operations:
  • Identity access management support and operations (IAM)
  • Vulnerability management
  • Threat management/Threat Intelligence
  • Security Tools operations

Desired Requirements

• CISSP, CRISC, CISM or similar certifications

,

Keyskills :
business process managementmanagement information systemsfederal lawcyber defensecomputer sciencebusiness processaccess management