Principal of Security Operations
Business Wire
Summary
Join Business Wire, a Berkshire Hathaway company, as a Principal of Security Operations and lead our Security Operations, Detection & Response initiatives. You will oversee and advance our security operations function, safeguarding our systems, data, and reputation. This key leadership role involves implementing and optimizing security technologies and processes, enhancing security resilience, and working closely with various teams. You will be responsible for managing security incidents, conducting investigations, and proactively identifying threats. The ideal candidate possesses extensive security operations experience, strong technical skills, and proven leadership abilities.
Requirements
- 8+ years of hands-on and leadership experience in security operations, incident management, and threat hunting, with 4+ years in an AWS environment
- Deep understanding of security technologies and tools including SIEM, EDR, threat intelligence platforms, and other security monitoring and detection solutions
- Demonstrated knowledge of common scripting languages (Python, PowerShell, Bash, etc.)
- Proven experience in managing security investigations and implementing security best practices within AWS environments
- Demonstrated expertise in leading and managing incident response efforts, with a strong understanding of incident handling best practices, and extensive experience in handling and leading complex incident response activities across a dynamic technical ecosystem
- Demonstrated knowledge of preventive security technologies such as DLP, CASB, CrowdStrike XDR, Microsoft Defender, and their integration into security operations
- Proven leadership skills with the ability to inspire and motivate a team, collaborate with cross-functional stakeholders, and drive positive change
- Exceptional communication skills to effectively collaborate with cross-functional teams, present security findings to executives, and articulate complex technical concepts to non-technical stakeholders
- Strong analytical mindset and problem-solving abilities to assess complex security incidents and develop effective solutions
- Ability to develop and execute long-term security operations strategies, aligning security goals with business objectives
- Familiarity with threat intelligence sources and experience in applying threat intelligence to enhance security operations
- A mindset focused on continuous improvement, staying up-to-date with the latest security trends and proactively adopting new security technologies and practices
- Ability to adapt to dynamic security challenges and work in a fast-paced environment
Responsibilities
- Provide mentorship, direction, and guidance to enhance our security capabilities associated with monitoring, detection, and response
- Oversee the management and optimization of our Security Information and Event Management (SIEM) platform to ensure timely detection and response to security incidents
- Build security automation playbooks leveraging the SOAR platform to improve the detection & response capabilities of the team
- Implement and manage Endpoint Detection and Response (EDR) solutions to protect our endpoints from advanced threats and intrusions
- Establish and maintain a robust monitoring and analysis program to identify and respond to security events in real-time
- Operationalize the threat intelligence program by collaborating on the ingestion and correlation of threat intelligence feeds with the Business Wire threat defense tools
- Conduct thorough investigations into security incidents, analyzing root causes, performing host and network forensics, and providing remediation recommendations
- Proactively search for and identify potential security threats and vulnerabilities, staying ahead of emerging attack vectors
- Lead incident response efforts, coordinating with internal and external stakeholders to effectively contain and mitigate security incidents
- Lead and manage security incidents and response procedures within AWS environments, utilizing native AWS security tools effectively
- Oversee and optimize security defensive technologies, including DLP, CASB, CrowdStrike EDR, Microsoft Defender, Wiz, and others, to mitigate potential threats
- Implement and maintain security controls in AWS environments, adhering to industry best practices and ensuring compliance with security standards
Preferred Qualifications
Certifications such as CISSP, CISM, GIAC, or AWS security certifications are a plus
Benefits
- Ability to work remotely
- Excellent health benefits that begin on your first day of employment
- $100 monthly fitness allotment, a tuition reimbursement program, and enhanced mental health resources
- 401(k) plan with generous company match, and annual profit sharing contribution (subject to company performance)
- PTO, Floating Holidays, Wellness Day Off, Birthday Day Off, and more!