Director of Threat Management and Security Incident Response at Global Payments (Atlanta, GA)

Summary
The Director of Threat Management and Security Incident Response is a member of the Information Security leadership team and reports to the Security Operations Leader. The roles overall responsibility is to continuously enhance and execute the strategy for a globally-focused threat management and security incident response program.
Responsibilities
Job Details:

• Define and enhance capabilities to support security monitoring, security incident response, and threat management services
• Design, engineer, and operate automated processes to provide efficient and scalable capabilities
• Continuously evaluate industry-leading and emerging security technologies to support capabilities
• Develop additional security operations service offerings in collaboration with peers
• Assist the Security Operations Leader with all financial aspects (e.g., budgeting, planning, and forecasting)
• Collaborate with internal customers to define service requirements and gather feedback to enhance offerings
• Maintain and enhance the incident management and threat management programs which includes maintaining program documentation (e.g., incident response plan, standard operating procedures, integration playbooks), integrating processes/systems with other BTS teams, and defining metrics/reports for Executive leadership
• Lead a globally-distributed team of incident responders, incident handlers, and threat analysts
• Provide guidance, real-time feedback, and annual performance reviews to direct reports
  

Qualifications

• Bachelors in Computer or Software Engineering, Computer Science, Information Management, Information Science or a related technical field
• 10+ years of experience working in information security or information technology roles
• Experience developing, implementing, and leading service-oriented threat management, security monitoring, and security incident response programs
• Experience designing and engineering operational processes
• Demonstrated ability to communicate security risks to business and technical audiences across all levels of an organization
• In-depth knowledge of common web protocols (e.g., DNS, HTTP)
• Security knowledge across multiple security domains and technologies ( e.g., operating systems, databases, networking, applications, identity and access management)
• Strong knowledge of and experience working in Windows and Linux environments
• Experience working with APIs (e.g., SOAP, RESTful)
• Experience working with common data formats (e.g., CSV, XML, JSON, Syslog, log message)
• Ability to develop custom ETL and reporting scripts using common data querying languages/tools (e.g., Regular Expressions, XPath, XQuery, SQL, grep)
• Ability to develop custom scripts using common scripting languages (e.g., Python, PowerShell, VBA)
• Experience performing security testing activities (e.g., application assessments, penetration testing, vulnerability assessments) preferred
• Experience programming in object-oriented languages (e.g., C++, C#, Java) preferred
• Possession of industry certifications highly preferred including, but not limited to, Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), and Certified Information Systems Auditor (CISA)
  

Global Payments Inc. is an equal opportunity employer.
Global Payments provides equal employment opportunities to all employees and applicants for employment without regard to race, color, religion, sex (including pregnancy), national origin, ancestry, age, marital status, sexual orientation, gender identity or expression, disability, veteran status, genetic information or any other basis protected by law. Those applicants requiring reasonable accommodation to the application and/or interview process should notify a representative of the Human Resources Department.
by via developer jobs - Stack Overflow