Director, Cyber Security Operations and Threat Management

General Purpose:

The Director for Security Opertions and Threat Management is a strategic and technically-grounded lead of our information security team performing duties through processes and procedures necessary to ensure the safety of information systems and applications on premise and in the cloud. This role assists with protecting the confidentiality integrity and availability of company and customer data.

This role is the primary architect of our defense-in-depth strategy overseeing the teams (internal and external) responsible for detecting neutralizing and preventing cyber threats. You will bridge the gap between high-level security strategy and hands-on operational excellence ensuring our global infrastructureon-prem and cloudremains resilient against an ever-evolving threat landscape.

In addition the Director will manage and monitors various security systems/tools and supports the assessment of system security controls.

The ideal candidate is a leader-doer who can manage the security of complex environment while remaining sharp enough to deep-dive into an incident response bridge or a cloud architecture review.

Duties and Responsibilities:

Threat Management & Incident Management

* Detection Strategy: Build and maintain a world-class Threat Intelligence program to pivot from reactive to proactive defense.

* IR Leadership: Serve as the ultimate escalation point for high-priority security incidents leading the Incident Response (IR) team through containment eradication and recovery.

* Hunting: Establish regular threat-hunting cadences to identify dormant or sophisticated actors within the environment.

*Stay abreast and keep up with the latest threats and analyze the impact to the Jazwares environment

Security Operations (SecOps) & Tools

*SOC Oversight: Manage the 24/7 Security Operations Center (MSSP) to ensure high-fidelity alerting and low Mean Time to Resolve (MTTR).

*Tooling Optimization: Own the security stack (SIEM EDR XDR SOAR). Ensure tools are integrated automated and providing maximum ROI rather than just generating noise.

*Automation: Drive a Detection as Code philosophy to automate repetitive tasks and manual investigative steps.

*Be the costodian of all security tools such as PAM Email Security Backup and Recovery etc.

*Provide technical leadership and oversight to security operations activities and initiatives

*Participate in business continuity and disaster planning

*Provide guidance and support on security issues to other departments

*Ensure all software within the network has adequate security measures in place

*Propose metrics and prepare reports to show current security posture

*Monitor system events log files and alerts

Security Engineering & Cloud Security

*Cloud Governance:Define security guardrails for AWS/Azure/GCP environments focusing on IAM VPC security and serverless protection.

*Infrastructure as Code (IaC): Partner with DevOps to integrate security checks into CI/CD pipelines (DevSecOps).

*Engineering Excellence:Lead the design and deployment of scalable security solutions that support business growth without introducing friction.

*Provide technical leadership and oversight to security engineering activities and initiatives

*Harden systems for cyber resilience

Vulnerability Management

*Lifecycle Management: Oversee the end-to-end vulnerability management process from discovery and risk-based prioritization to remediation tracking.

*Exposure Management: Move beyond simple patching to manage the attack surface including external digital footprints and shadow IT.

Architecture & Design

*Security Blueprints: Collaborate with Enterprise Architects to ensure security is baked in to new product builds and internal migrations.

*Zero Trust: Lead the transition toward a Zero Trust Architecture focusing on identity-centric security and micro-segmentation.

*Determine security requirements and security controls for new systems

*Develop and maintain architectural diagrams

Team Coaching

* Coach team memebrs and manage work plan on assigned projects

Any other tasks assigned by Manager

Manages People: Yes

Education/Experience

Minimum 8 years of experience within Information Security

At least 3 years of experience Threat Management and Security Operations

At least one of the following certifications required: CISSP CCSP CASP any SANS GIAC or equivalent is prefered

AWS certifications such as AWS Certified Security - Specialty highly desired

Required Knowledge Skills Abilities:

Thorough understanding of the following areas: Threat Management Secuity OperationsApplication Security Cloud Security Data Security Endpoint Security Network Security and User Access Security

Knowledge of security frameworks and standards such as NIST CSF ISO27000 and/or CIS

Self-directed work habits exhibiting initiative drive creativity maturity self-assurance and professionalism.

Ability and desire to take ownership of multiple tasks and responsibilities.

Experience designing or implementing an enterprise level Security Program

Work Environment: Office

#updated03-31

Required Experience:

Director