Cyber Security Operations Lead

Full Time
Frisco, TX
Areas of Interest: Cyber Operations, Exploitation Analysis, Incident Response, Threat Analysis, Vulnerability Assessment and Management
Overview
Individuals within the Information Security Office plan, execute, and manage multi-faceted cyber security projects to detect, prevent and respond to threats that are affecting the company. Individuals should have the mindset of a defender and be able to operate in a fast-paced environment, working closely with our infrastructure team, which includes the Network, Firewall, Server and application teams.

Individuals develop security policies and procedures, such as security breach escalation procedures, incident response plans and exercises, metrics, response playbooks, security assessment procedures, and the use of firewalls and encryption routines. They also customize threat feeds, work with the security operations center, monitor and analyze threats and vulnerabilities, and deploy solutions to protect network, email and endpoint devices.

These professionals work directly with the customers, third parties and other internal departments and organizations to facilitate information security management processes and to identify vulnerable areas. They also communicate and educate IT and the business about security policies and industry standards, and provide solutions for enterprise/business security issues.

PRIMARY DUTIES AND RESPONSIBILITIES:

  • Manage a team of individuals and vendors to provide support to the security operations center, which is built to protect data across the ABC enterprise
  • Manage a team which provides 24x7 cyber security operations support inclusive of metrics
  • Monitors networks for signs of adversarial activity as a key member of the Cybersecurity Command Center
  • Experience in customizing intelligence feeds to suit the ABC organization
  • Recognizes potential, successful, and unsuccessful intrusion attempts and compromises through reviews and analyses of relevant event intelligence and summary information
  • Detects the full spectrum of known cyber-attacks (e.g., DDoS, malware, phishing, ransomware & others) along with any security and compliance violations
  • Provides Tier III technical expertise on post event security intelligence and trend analysis
  • Guide, mature and work with the security operations team to build a top-of-the-line security command center
  • Oversees the planning, execution, and management of multi-faceted projects related to Cyber command center operations.
  • Plan, build, develop and mature the security operations to proactively monitor the incidents that happen in the environment, and build solutions to counter and respond to them
  • Drive innovation to sustain and automate the cyber operations by designing and working with cyber engineering team
  • Develops and manages security for multiple IT functional areas (e.g., applications, systems, network and/or Web) across the enterprise.
  • Serves as a subject matter expert (SME) for performing security and threat assessments
  • Develops security solutions for critical and/or highly complex assignments. 
  • Leads multiple projects or programs.
  • Responds to alerts from various monitoring systems and platforms to address potentially malicious events in a timely manner
  • Independently leads computer incident investigations, determining the cause of the security incident and preserving evidence for potential legal action
  • Routinely develops and updates incident response playbooks to ensure response activities align with best practices, minimize gaps in response and provide comprehensive mitigation of threats
  • Provides other services as a key member of the Cybersecurity team:
  • Security review of changes to networks, servers and end point devices in collaboration with infrastructure operations
  • Security review of encryption policies, sensor policies for IDS/IPS, Firewalls, web security gateway, logging
  • Investigations and Forensics
  • Proposes additional components and techniques that could be used to proactively detect and prevent malicious activity.
  • Manages day-to-day relationship with security and infrastructure services partners
  • Conducts research of emerging security threats.
  • Develops remediation strategies and risk responses associated with the protection of infrastructure and information assets.
  • Mentors less-experienced team members

Location: Frisco, TX or Chesterbrook, PA (remote not available)

Qualifications

EXPERIENCE AND EDUCATIONAL REQUIREMENTS:

  • Bachelor’s Degree in Computer Science, Information Systems or other related field, or equivalent work experience.
  • Typically requires 7-8 years of combined IT and security work experience with a broad range of exposure to systems analysis, application development, systems administration and over 4 years’ experience designing and deploying cyber security solutions for operations at the enterprise level.
  • Requires Security Certification(s) (i.e., Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), CEH or other equivalent recognized security certifications)

MINIMUM SKILLS, KNOWLEDGE AND ABILITY REQUIREMENTS:

  • Great attitude to help, learn and grow; excitement is always welcome
  • Experience applying structured analytical methodologies to threat monitoring and intelligence analysis, e.g. Cyber Kill Chain
  • Experience with Network protocols and packet analysis tools
  • Must know SSL/TLS, HTTP, DNS, SMTP, IPsec, PKI, proxies, TCP/IP, VM, Wireless, VPN
  • Solid understanding of cloud based critical infrastructure systems security threats
  • Deep experience with cyber security in the domains of cyber threat intelligence and analysis, security monitoring and Incident Response
  • Familiarity with latest security vulnerabilities, advisories, incidents, penetration techniques, attack vectors, and countermeasures.
  • Demonstrated sound understanding of at least 3 of the following standards: ISO 27001/27002, COBIT, ITIL, NIST, HIPAA, SOX and PCI
  • Ability to lead and provide direction to project teams
  • Strong consultative skills; ability to interface effectively with technical and non-technical leaders.
  • Understands Information Security as it relates to the business and other areas of IT; understands direct impacts and risks.


Organization: IT 
Job: Information Technology Jobs 
Schedule: Full-time 
Primary Location: United States-Pennsylvania-Chesterbrook 
Other Locations: United States-Texas-Frisco 
Equal Opportunity Employer/Minority/Female/Disability/Veteran





AmerisourceBergen

Shaping Healthcare Delivery Through Information Technology and Sales
AmerisourceBergen (NYSE: ABC) provides pharmaceutical products, value-driving services and business solutions that improve access to care. Tens of thousands of healthcare providers, veterinary practices and livestock producers trust us as their partner in the pharmaceutical supply chain. Global pharmaceutical manufacturers depend on us for services that drive commercial success for their products. Powered by our 19,000 associates, we are united in our responsibility to create healthier futures.

AmerisourceBergen connects the healthcare industry, applying innovation toward everything from the way pharmaceuticals are sourced and distributed to the delivery of personalized patient care. With more than $146 billion in annual revenue, AmerisourceBergen is ranked #11 on the Fortune 500. The company is headquartered in Valley Forge, Pa. and operates a network of 140+ offices in 50+ countries.
Company Type: Public Company
Company Size: 10,001+