Senior Director, Threat Detection & Platform Engineering

closed
Experian Logo

Experian

πŸ“Remote - United States

Summary

Join Experian's Global Security Engineering Center of Excellence as a Senior Director of Threat Detection and Platform Engineering. Lead a team developing integrated cyber fusion security engineering capabilities and platforms. You will oversee the creation of threat detection rules and manage security platform engineers across various technologies. Collaborate with global leadership and other teams to enhance incident response and threat detection. This role requires extensive experience in information security, leadership, and specific technical skills. The position offers a competitive compensation package and flexible work arrangements.

Requirements

  • 10+ years of leadership experience in a technical capacity
  • 8+ years of information security related experience in areas such as: security operations, incident analysis, incident handling, vulnerability management or testing, system patching, log analysis, intrusion detection, or security device administration
  • Expertise in Splunk or other SIEM tools, including rule creation, query writing, and alert management
  • Proficient in platforms such as SOAR and implementing automated workflows and playbooks
  • Proficient experience with MITRE ATT&CKβ„’ framework, cyber threat landscapes, attack vectors and threat actors
  • Demonstrated technical skills in the following areas: In-depth packet analysis skills, core forensic familiarity, incident response skills, and data fusion skills based on multiple security data sources
  • System administration on Unix, Linux, or Windows
  • Network forensics, logging, and event management
  • Defensive network infrastructure (operations or engineering)
  • Vulnerability assessment and penetration testing concepts
  • Malware analysis concepts, techniques, and reverse engineering
  • In-depth knowledge of network and host security technologies and products (firewalls, network IDS, scanners)
  • Security monitoring technologies, such as WAF, Web Proxies, UEBA, DLP, among others
  • Knowledge with common cybersecurity frameworks such as NIST, or other leading practices, and industry standards

Responsibilities

  • Lead a team that creates and implements automated workflows in tools to enhance incident response capabilities and improve security operations
  • Oversee building high-quality threat detection rules, queries, and alerts based on identified use cases, threat scenarios, and structured threat intelligence, including MITRE ATT&CKβ„’ Tactics, Techniques and Procedures (TTPs)
  • Provide leadership and vision to security engineering planning functions, including short-, mid-, and long-term engineering proposal solutions, technical and complex product planning, technical innovation, and strategic platform integrations
  • Participate in the Security Architecture and Engineering EGSO leadership team to help create our vision, mission, and strategic goals
  • Collaborate with a community of executives across EGSO leadership teams to deliver KPI/KRI threat detection metrics and progress reporting and strategy
  • Collaborate with teams, including Security Operations Center (SOC) analysts, Incident Responders, and Threat Intelligence researchers, to understand and respond to latest threats
  • Evaluate the recommendations and implementations of new security tools, techniques, and processes that enhance our threat detection and response capabilities by the team
  • Assess the management of detection rules and automated workflows to ensure optimal performance, effectiveness, and accuracy
  • Oversee and participate, when needed, in incident response activate and provide directives
  • Stay current on regulatory changes, latest threats, and evolving technologies, and implement appropriate control mechanisms and security architecture based on risks within Experian's environment
  • Participate in Breach Response exercises, including the establishment and validation of procedures to restore business to BAU activities

Preferred Qualifications

Relevant security certifications such as CISSP, GCIH, GCIA, or similar are a plus

Benefits

  • Great compensation package and bonus plan
  • Core benefits, including medical, dental, vision, and matching 401K
  • Flexible work environment, ability to work remotely, hybrid, or in-office
  • Flexible time off, including volunteer time off, vacation, sick, and 12-paid holidays
This job is filled or no longer available

Similar Remote Jobs