Managing Director, Security Operations

Location: Chicago, IL, USA
Published: 9/15/2024
Full Time

The hiring range for this role is:  

$180,000.00 - $215,000.00

This is the lowest to highest salary we, in good faith, believe we would pay for this role at the time of this posting. We may ultimately pay more or less than the hiring range and this hiring range may also be modified in the future. A candidate’s position within the hiring range may be based on several factors including, but not limited to, specific competencies, relevant education, qualifications, certifications, relevant experience, skills, seniority, performance, shift, travel requirements, and business or organizational needs. This job is also eligible for annual bonus incentive pay.

We offer a comprehensive package of benefits including paid time off, 11 holidays, medical/dental/vision insurance, generous 401(k) matching, lifestyle spending account and many other benefits to eligible employees.

Note: No amount of pay is considered to be wages or compensation until such amount is earned, vested, and determinable. The amount and availability of any bonus, commission, or any other form of compensation that are allocable to a particular employee remains in the Company's sole discretion unless and until paid and may be modified at the Company’s sole discretion, consistent with the law.

Job Description Summary

The Managing Director, Security Operations, Incident Response & Threat Hunting will manage the team responsible for various security services in the domains of Security Operations, Incident Response, and Threat Hunting. This role will lead a team of security engineers, analysts, and administrators responsible for maintaining security infrastructure, responding to security alerts, investigating/triaging security incidents, performing detailed forensics analysis, building detection and monitoring rules, and building custom incident response tooling.

Responsibilities include but are not limited to:

  • Manage all SOC operations, technology administration, threat hunting programs, and incident response processes.
  • Establish processes to measure and report on team performance and business value.
  • Work with various business stakeholders to demonstrate the business value and operational outputs of the team at an executive level.
  • Ensure that forensic evidence is preserved and can be used for legal proceedings if necessary.
  • Research and monitor emerging security technologies, understand current industry and technology trends and opportunities, and assess their impact to the business.
  • Conduct research to identify new attack vectors facing the BCBSA computing environment.
  • Work with and influence business contacts regarding technology controls and risk mitigation techniques related to application layer security.
  • Develop and maintain applicable incident management program metrics for continual measurement and improvement.
  • Manage and motivate teams with diverse skills and backgrounds.
  • Assess and prioritize security risks and formulate effective risk management mitigation plans.
  • Collaborate with cross-functional teams to integrate security measures into business processes and applications.
  • Regularly review and update security documentation to reflect changes in the threat landscape and business requirements.
  • Participate in security audits, assessments, and certification processes.
  • Work closely with legal and compliance teams to address any security-related legal and regulatory requirements.
  • Lead incident response efforts, including investigation, containment, and resolution.
  • Lead post-incident analysis and implement corrective actions to prevent future occurrences.
  • Participate in the selection, implementation, and maintenance of security technologies.
  • Communicate effectively with stakeholders, addressing security concerns and providing guidance on best practices.
  • Assist in security-related documentation (RFPs, PPTs, etc.)

Required Education, Certifications and Experience

  • Bachelor's degree in Computer Science, Information Technology, or related field required.
  • Minimum of 10 years information security experience with a heavy technical focus and with 7 years of progressively increasing responsibility.
  • Minimum of 5 years in a leadership position as a hiring manager or team lead capacity with experience developing and leading staff.
  • Experience with and knowledge of conducting audits of information systems and their application to ensure accuracy of information and promote operational efficiency
  • Experience acting in a security incident response role with responsibility for analyzing alerts/threats, responding accordingly, and developing incident response plans and procedures
  • Experience documenting incident cases and managing lessons learned meetings
  • Experience in working with Managed Security Service Providers (MSSPs) and ensuring alignment to agreed upon SLAs.
  • Experience in implementing and managing core TVM systems and processes such as: Security Event Management, Vulnerability Management, Web application firewall, database monitoring, forensics toolsets, firewalls, proxies, packet captures, etc.
  • Experience in managing Information Security operational and capital budgets.
  • Experience with implementation of technical security architectures within a large enterprise environment is preferred.
  • Competency in making operational decisions, monitoring progress and reporting results.
  • Ability to communicate at all levels, with experience in leading operational review meetings with business partners and executives that may range from technical resources to VP/SVP.
  • Technical domain knowledge along with an understanding of the costs of delivering the required services
  • Competency to interpret and summarize technical information for presentation to non-technical business contacts
  • Knowledgeable in security technologies, procedures, and best practices to include functions such as Web Application Firewalls, Intrusion Detection Systems, Endpoint Detection and Forensics, SIEM, and Vulnerability Scanning

Preferred Education, Certifications and Experience

  • CISSP, CRISC, CISA or other relevant certifications preferred
  • Knowledge of the BCBS system and practices.

People Management: Yes


#LI-Hybrid