Director of Managed Detection and Response at Optiv - Remote
In your role at Optiv, you’ll be inspired by a team of the brightest business and technical minds in cyber security. We are passionate champions for our clients, and know from experience that the best solutions for our clients’ needs come from working hard together. As part of our team, your voice matters, and you will do important work that has impact, on people, businesses and nations.
Full-time - Overland Park, KS, Denver, CO, Frisco, TX, or Remote U.S.A.
The Director of Security Operations Detection and Response is responsible for ensuring early and accurate detection, response, and containment of threats directed against our clients. As a technical management role, the ideal candidate possesses deep security knowledge and expertise, previous experience as a security practitioner, systems management and administration experience, proven service management skills, and the ability to attract and retain talent in a challenging market. The position also mentors, develops and evaluates employees and contributes to the development and continuous improvement of the Security Operations services.
How you’ll make an impact:
Lead 24x7 Detection and Response and threat hunting teams, providing operational and strategic planning, including fostering innovation, planning projects, and organizing and negotiating the allocation of resources.
Work closely with customers on reporting and stewardship calls, and in the case of escalations.
Enforce all policies and procedures, including those for security, disaster recovery, standards and service provision.
Drive continuous refinement and improvement of detection and response, threat hunting and incident response processes.
Grow and mature our Threat Intelligence Program.
Oversee the security of client systems via the Managed Detection and Response (MDR) service.
Bachelor’s degree from a four-year college or university in Information Technology, Information Security/Assurance, Engineering or a similar area of study required.
15+ years professional IT and Information Security experience
5+ years leading technical Detection and Response teams
5+ years professional experience in cyber operations centers
3+ years professional experience in managed services
One or more certifications in Security/Networking including Security+, GSEC, GCIA, GCIH, CISSP, CISM, CISA or other security specific vendor/product certifications
Proven ability to make decisions and perform complex problem-solving activities under pressure.
Advanced business acumen required.
Sharp analytical abilities and the ability to make sound decisions quickly required.
Deep understanding of SIEM vendors, solutions and architecture such as LogRhythm, QRadar, Splunk, Exabeam, etc.
Deep understanding of EDR vendors, solutions and architecture such as CrowdStrike, Cylance, Carbon Black, Microsoft Defender ATP, etc.
Deep understanding of regulatory and compliance frameworks such as NIST, SOX, HIPAA, NERC CIP, PCI DSS, etc. and how they differ across global regions.
Deep understanding of laws pertaining to cyber security and how they differ across global regions.
Understanding of Security Orchestration, Automation and Response concepts.