Monday, November 21, 2016

Director Security Detection SOC/IR Expedia Inc. Bellevue

Job Description:
Director of the Expedia Security Operations Center (SOC) and Incident Response (IR) will drive the vision and strategy for these core security functions. This role is responsible for revolutionizing how Enterprise Information Security (EIS) monitors and manages security events for Expedia Inc. The focus of this role will not only be on near-term but also long-term goals (12-24 months) for the organization. The Director will be responsible for SOC and IR operations, strategy, reporting, monitoring, incident response, and partner alignment.
The Incident Response team is responsible for responding to all security events and working with the Legal, HR and Executive teams during any incidents, ensuring they have relevant, actionable, timely information to communicate appropriately. The Security Operations Center is responsible for monitoring the Expedia environment, leveraging data processing technology and analytics to identify and mitigate any security events.
This leader must successfully manage a team of Managers and will provide direct oversight for the Senior Data Analysts (SIEM) for the SOC, providing leadership and operational guidance for a 24/7 Security Operations environment located in the US and India. The Director will have full responsibility to drive specific support duties that encompass real-time monitoring, ticket management, incident resolution and escalation. The Director will be responsible for ensuring the staff manages the environment in accordance with identified policies and procedures, correctly monitoring, troubleshooting and resolving incidents.
Responsibilities:
Directly manages IR Manager, SOC Manager, and Data Analysts responsible for day to day operations, performance management, coaching and career development.
Responsible for establishing and maintaining the vision, strategy and operations specific to IR/SOC space to ensure information assets, technologies, and services are adequately protected.
Oversee the investigation of security breaches. Serve as the enterprise contact for computer security incident response planning and execution.
Expert knowledge of operations; serve as an SME/authority within the business and advise Senior Leadership on specific issues impacting Expedia in the Security space.
Independently leads technical and non-technical team members in supporting Information Security programs and processes.
Make decisions and guide strategies involving multiple Brands and Countries.
Responsible for the immediate escalation of Security issues ensuring adherence to SLAs and driving resolution/mitigation.
Partner with internal and external teams to aid with the determination of root cause on significant incidents, while driving identified known problems/risks to resolution.
Establish KPIs to ensure both the SOC and IR are performing and improving on their services.
Work closely with other operations, development and business teams to define, refine and provide the highest level of security and support for Expedia Inc. products and services.
Initiates and drives process changes designed to improve efficiency.
Develop standardization and consistency through process, procedure, and workflow management.
Leverage various toolsets to monitor, react, automate and improve service delivery.
Build proactive and cooperative relationships with internal and external staff. Establish and communicate clear roadmap and vision for areas within span of control.
Must have the ability to respond to a changing environment, work with ambiguity and provide situational awareness.
Skills:
Creative thinker with exceptional business, strategic, analytical, management and relationship management skills.
The ability to gather data and drill down to root cause analysis, ability to proactively recommend effective courses of action and communicate resolution to the various levels in the organization.
Able to maintain high standards, expectations, and delivery related to team performance with limited resources.
Ability to articulate complex information security concepts to senior executives and non-technical employees clearly while accurately portraying real risks and threats to the company.
The ability to execute against budgets, implementation schedules, and manage team projects on schedule and within constraints.
Possesses strong analytical, organizational, and decision-making skills.
Ability to inspire and work collaboratively with individuals of highly diverse cultures in a global and virtual environment and effectively communicate technical issues in a non-technical manner.
Organizational agility - the ability to work in a productive and cooperative way with a variety of people ranging from VPs to individual contributors and support staff.
Excellent verbal and written communication skills.
Proven history of performance excellence in the following areas: security operations, customer focus, team building, collaboration, optimization with strategic long-term thinking, and communication.
Ability to influence and gain the acceptance/cooperation of others. Understands the "why" behind the customer needs and can clearly articulate it to others.
Highly organized with the ability to strategically think long-term about operational needs and opportunities, while always taking a customer and partner-centric approach.
Qualifications:
Bachelor's degree in Computer Science and/or equivalent demonstrated IT/Operations work experience with an emphasis towards Security Operations in a large scale 24/7 environment.
A minimum of 10 years of experience with a significant IT/Security background in supporting day-to-day operations in a 24/7 environment.
A minimum of 7 years of direct people management (Director or Manager) with a background in managing high performance virtual teams.
5+ years’ experience in current security tools, hardware/software security implementation, communication protocols and/or encryption techniques and tools.
Advanced understanding in one or more of the following areas: Platform Security, Data Security, Network Security, Perimeter Security, Security Assessment Tools, Security Monitoring Tools, and Managed Security Services.