Cybersecurity Leader for Threat Detection and Response

This is a challenging role that requires expertise in developing and implementing effective security measures to protect corporate assets and infrastructure. The Global Cybersecurity/SOC Manager plays a key role in maintaining and continuously improving the cybersecurity framework, monitoring, and control practices within the organization.

The successful candidate will focus on developing and facilitating security logs and incident management, analytics, and reporting capacities. This involves working closely with global, regional, and local Information Security and IT resources to design, test, implement effective security controls.

• Communicate and collaborate with internal clients to contribute to security direction and provide technical guidance on current and future technical security directions.
• Act as a cybersecurity subject matter expert throughout the project lifecycle, including functional requirements, design specifications, testing, quality assurance, implementation, and support.
• Provide input to the annual information security strategy cycle.
• Ensure that security requirements are identified early on and are being incorporated into all projects/applications:
  • Investigate, recommend, evaluate, deploy, and integrate security tools and techniques to improve the ability to protect corporate assets and infrastructure.
  • Develop and maintain documentation of relevant IT systems and security controls.
  • Assess and capture security requirements within the context of enterprise application architecture.
  • Ensure that application development and deployment meet FINCA security standards.
  • Provide security input to design and application architectural reviews.
• Report on risks, risk mitigations, and residual business risks.
• Develop comprehensive and accurate reports and presentations for both technical and executive audiences.
• Develop recommendations for improvements.
• Monitor appropriate sources for newly identified threats and vulnerabilities.
• Effectively communicate findings and strategy to client stakeholders, including technical staff, executive leadership, and legal counsel.
• Recognize and safely utilize attacker tools, tactics, and procedures.
• Develop methodologies to enhance red teaming processes.
• Assist with scoping prospective engagements, leading engagements from kickoff through remediation, and mentoring less experienced staff.
• Execute and/or lead (when required) red team assessments to highlight gaps impacting organization security posture.
• Research new/emerging security threats, vulnerabilities, and exploit techniques.
• Respond to new attack surfaces and help implement new requirements as needed.
• Develop, manage, and maintain security testing industry frameworks and best practices: Cloud Security Alliance (CSA), NIST, SANS, CIS.
• Partner with global information security and business continuity team members across the network to drive secure outcomes based on industry best practices.
• Play a key role in the global cybersecurity team on developing threat modeling and new detection techniques, based on trending attack surfaces.
• Provide support to business digital projects through the entire project lifecycle (threat modeling, requirements definition, verification, and validation).

• Bachelor's Degree in a technical discipline or equivalent work experience.
• Certifications are not required, but will be considered in the evaluation process. Applicable certifications include: SANS, Splunk, CISSP.
• Knowledge of security and control frameworks (such as ISO 27001, CobiT, NIST).
• Security certifications (CISSP, GIAC, CEH, CISM, OSCP) will be an asset.

• Minimum 4-6 years of experience in a Security Manager/Analyst Role.
• Experience in a financial institution will be considered as a plus.
• Experience working in a large international organization or network will be considered as a plus.
• Experience with IT security assessments.
• Experience with common assessment tools (examples Qualys, Tenable, Rapid7).
• Experience communicating assessment results to audiences with diverse technical proficiency.
• Experience constructively articulating business impact of vulnerabilities to various stakeholders.
• Experience with correlating and analyzing logs and events from various sources (e.g. Vulnerability Scanning, Virus Protection, SIEM).
• Experience with producing and customizing security queries, reports, and dashboards from various sources (e.g. Vulnerability Scanning, SIEM, Virus Protection).
• Experience conducting application security reviews preferred.
• Experience with scripting languages desired.