Technical Manager, Information Security (IAC (formerly named IAC/InterActiveCorp)):
Investigate, assess, & respond to potential security incidents; develop new rules & alerts; & implement controls to monitor threats. Implement security policies & develop security incident detection capabilities. Duties include:
- Perform purple team exercises for the organization & all subsidiaries, including conducting controlled simulated cyber-attacks to find possible loopholes in the environment;
- Develop report recommending measures for the found loopholes or vulnerabilities to avoid similar real attacks;
- Identify, detect, contain, mitigate, resolve, & restore IT assets in response to security incidents to minimize loss & destruction to IT systems, assets, & data;
- Guide the design, configuration, integration, & enhancement of SIEM tools;
- Develop policies & documentation to support ongoing SOC activities, including run books & procedure documentation;
- Develop & present regular updates on cyber threats & activities to technical & non-technical audiences;
- Develop threat trend analysis reports & metrics;
- Monitor threat landscape for emerging threats; communicate threat information to business units;
- Participate in security incident response efforts, including off-hours & on-call support;
- Guide & direct team of more junior security analysts.
10% domestic travel required.
A Master's degree or foreign equivalent in Computer Science, Information Security & Assurance, or a related discipline followed by 2 years of experience in an information security analyst-related occupation.
In the alternative, the employer will accept a Bachelor's degree or foreign equivalent in Computer Science, Information Security & Assurance, or a related discipline followed by 5 years of post-baccalaureate experience in an information security analyst-related occupation.
Experience must include the following, which may have been gained concurrently:
- 2 years of experience with SIEM tools, including creating & monitoring SIEM environment;
- 2 years of experience monitoring & investigating suspicious behavior based on different log sources;
- 2 years of experience with endpoint security, including implementing end point security tools;
- 2 years of experience with the incident response process;
- 2 years of experience with cloud infrastructure including AWS or GCP;
- 2 years of experience with Web Filtering, EDR, SIEM, AV, IAM & Email Protection Systems tools;
- 1 year of experience performing red team exercises.
Job site: 555 West 18th Street, New York, NY 10011. Full-time.
To apply, please apply through the portal & include a cover letter & resume by email, referencing Req. #054785-002.