Director, Security Operations – Incident Response
Ireland
Full Time
1 hour ago
No Sponsorship
Key skills
AWSAzureCloudCyber SecurityGoogle Cloud PlatformLinuxSplunkAnalyticsGCPGoogle CloudIAMOAuthJWTOktaSAMLActive DirectoryLeadershipTeam LeadershipCollaboration
About this role
Role Overview
- Lead and mentor a global team of threat engineers focused one or more of the following disciples; threat detection, threat emulation, threat intelligence, and incident response.
- Supervise all aspects of the team including hiring, training, evaluating, and coaching.
- Foster a culture of technical excellence, collaboration, and continuous improvement
- Manage team training, development, and staffing to ensure readiness for current and emerging threats
- Lead threat engineering efforts that develop, deploy, and operate tools and services that enable the teams ability to detect and respond to cybersecurity threats
- Collaborate with other Threat Management teams to ensure alignment with strategic objectives and to drive operational effectiveness
- Provide detailed technical insights and recommendations to security leadership.
- Develop and report metrics for reporting at an organizational, company, and/or Executive level.
Requirements
- Bachelor’s Degree in Arts/Sciences (BA/BS) in cybersecurity, computer science, or a related field required
- Advanced degree or specialized security certifications preferred
- 7+ Years of experience in enterprise security, with a strong focus in one or more of the following disciplines; threat detection, threat emulation, threat intelligence, and incident response. required
- 3+ Years of team leadership experience in technical security operations and threat engineering. required
- Hands-on experience with security tools such as SIEM, threat detection platforms, threat emulation, threat intelligence platforms, and advanced analytics. required
- Proven track record of building and improving detection capabilities in complex organizations. required
- Experience managing a global team of engineers and fostering cross time zone collaboration. required
- Advanced knowledge of threat detection technologies and methodologies. required
- Deep understanding of attacker tactics, tools, and techniques. required
- Windows, Mac, and Linux internals required
- Cloud Computing (AWS, Azure, GCP) required
- M365 Suite and Environments required
- Microsoft Domain Environments required
- IAM/AAA technologies and architectures (Active Directory, Okta, OpenID, SAML, Oauth, JWT) required
- Physical and Virtual Networking technologies and architecture required
- SIEM/SOAR technology (Splunk, CrowdStrike, Sentinel, etc) required
- EDR Platforms (CrowdStrike, Microsoft Defender, etc) required
- Offensive Security Tools required
- Relevant certifications such as CISSP, GCIA, SANS Certifications, or equivalent credentials. required
Tech Stack
- AWS
- Azure
- Cloud
- Cyber Security
- Google Cloud Platform
- Linux
- Splunk
Benefits
- Gain valuable knowledge from and experience with diverse, caring colleagues around the world.
- Enjoy a respectful, welcoming environment that fosters individuality and encourages pioneering thought.
- Join the bright and creative minds of RGA, and experience vast, endless career potential.