Senior Director, Threat Detection & Platform Engineering

Summary

Join Experian as the Senior Director of Threat Detection and Platform Engineering, leading the Global Security Engineering Center of Excellence. You will spearhead the development of integrated cyber fusion security engineering capabilities and platforms, guiding a team of engineers in creating high-quality threat detection rules and managing security platforms. This role involves collaborating with global leadership, overseeing incident response, and staying abreast of evolving threats and technologies. You will report to the SVP of Security Architecture and Engineering and contribute to the overall security strategy of the organization. The position requires extensive experience in information security, leadership, and specific technical skills. Experian offers a competitive compensation package and a flexible work environment.

Requirements

• 10+ years of leadership experience in a technical capacity
• 8+ years of information security related experience in areas such as: security operations, incident analysis, incident handling, vulnerability management or testing, system patching, log analysis, intrusion detection, or security device administration
• Expertise in Splunk or other SIEM tools, including rule creation, query writing, and alert management
• Proficient in platforms such as SOAR and implementing automated workflows and playbooks
• Proficient experience with MITRE ATT&CK™ framework, cyber threat landscapes, attack vectors and threat actors
• Demonstrated technical skills in the following areas: In-depth packet analysis skills, core forensic familiarity, incident response skills, and data fusion skills based on multiple security data sources
• System administration on Unix, Linux, or Windows
• Network forensics, logging, and event management
• Defensive network infrastructure (operations or engineering)
• Vulnerability assessment and penetration testing concepts
• Malware analysis concepts, techniques, and reverse engineering
• In-depth knowledge of network and host security technologies and products (firewalls, network IDS, scanners)
• Security monitoring technologies, such as WAF, Web Proxies, UEBA, DLP, among others
• Knowledge with common cybersecurity frameworks such as NIST, or other leading practices, and industry standards

Responsibilities

• Lead a team that creates and implements automated workflows in tools to enhance incident response capabilities and improve security operations
• Oversee building high-quality threat detection rules, queries, and alerts based on identified use cases, threat scenarios, and structured threat intelligence, including MITRE ATT&CK™ Tactics, Techniques and Procedures (TTPs)
• Provide leadership and vision to security engineering planning functions, including short-, mid-, and long-term engineering proposal solutions, technical and complex product planning, technical innovation, and strategic platform integrations
• Participate in the Security Architecture and Engineering EGSO leadership team to help create our vision, mission, and strategic goals
• Collaborate with a community of executives across EGSO leadership teams to deliver KPI/KRI threat detection metrics and progress reporting and strategy
• Collaborate with teams, including Security Operations Center (SOC) analysts, Incident Responders, and Threat Intelligence researchers, to understand and respond to latest threats
• Evaluate the recommendations and implementations of new security tools, techniques, and processes that enhance our threat detection and response capabilities by the team
• Assess the management of detection rules and automated workflows to ensure optimal performance, effectiveness, and accuracy
• Oversee and participate, when needed, in incident response activate and provide directives
• Stay current on regulatory changes, latest threats, and evolving technologies, and implement appropriate control mechanisms and security architecture based on risks within Experian's environment
• Participate in Breach Response exercises, including the establishment and validation of procedures to restore business to BAU activities

Preferred Qualifications

Relevant security certifications such as CISSP, GCIH, GCIA, or similar are a plus

Benefits

• Great compensation package and bonus plan
• Core benefits, including medical, dental, vision, and matching 401K
• Flexible work environment, ability to work remotely, hybrid, or in-office
• Flexible time off, including volunteer time off, vacation, sick, and 12-paid holidays