Senior Manager, Threat Intelligence

Summary

Join NBCUniversal as a Senior Manager of Cyber Threat Intelligence, leading a team in identifying, analyzing, and reporting cyber threats. You will establish operational objectives, develop a comprehensive threat intelligence strategy, and oversee in-depth technical threat analysis. This role requires collaboration with cross-functional teams, customers, and vendors to enhance security programs. You will also drive the long-term vision for advanced supporting systems and technologies. The ideal candidate possesses advanced technical expertise and exceptional leadership and communication skills. This is a fully remote position with competitive benefits.

Requirements

• Minimum 10 years of progressive cybersecurity experience with increasing responsibility in threat hunting, incident response, digital forensics, cyber intelligence, or related fields, including significant experience leading and managing technical teams
• Advanced expertise in security technologies (EDR, SIEM, cloud security, network security) and a deep understanding of network and host-based security concepts and protocols within complex, multi-faceted enterprise networks
• Extensive proven experience with threat intelligence platforms, advanced data analysis tools, and scripting/query languages (e.g., Python, SPL, SQL, LogScale), with the ability to guide the team in their effective utilization
• Comprehensive and strategic understanding of the cyber threat landscape (tactical, operational, strategic), including security and analysis frameworks (MITRE ATT&CK, Kill Chain, Diamond Model, NIST Incident Response, etc.), with the ability to anticipate future trends
• Demonstrated advanced experience in network and host-based analysis and investigation, with the ability to guide and mentor the team in complex investigations
• Exceptional analytical and problem-solving skills with superior written and verbal communication, including extensive experience briefing corporate executives and diverse professional audiences
• Significant demonstrated experience in leading, mentoring, and developing technical teams, as well as developing, implementing, and enforcing standard operating procedures and complex workflows across teams
• Proven ability to envision and drive the implementation of strategic systems and technologies to support security operations across multiple domains and in developing and executing comprehensive security strategies aligned with overarching organizational goals
• Ability to be on-call to provide strategic support and guidance during critical incidents and non-traditional hours
• Highly self-motivated and able to work independently and collaboratively across diverse teams and organizational levels

Responsibilities

• Manage and provide strategic direction to a team of cyber threat intelligence analysts, fostering their professional growth and development, and ensuring the consistent delivery of high-quality intelligence products through effective oversight and mentorship
• Establish the operational objectives and work plans for the cyber threat intelligence team(s), aligning individual and team goals with the broader CTI strategy and organizational objectives
• Develop, document, and drive the execution of the cyber threat intelligence strategy across multiple areas of the organization, ensuring alignment with overarching security and business goals
• Lead the maturation of the CTI function by proactively identifying, evaluating, and integrating significant advancements in intelligence tradecraft, analytical techniques, automation, AI/ML capabilities, and relevant technologies across teams
• Establish, track, analyze, and report on key performance indicators (KPIs) and metrics to measure the effectiveness, impact, and value proposition of the CTI program to senior leadership and a diverse range of stakeholders
• Define, prioritize, and oversee the management of intelligence requirements (PIRs) derived from diverse stakeholder needs and the evolving threat landscape, with a strong focus on threats targeting the media and entertainment sector and adjacent industries
• Interact with direct reports, multiple cross-functional peers, customers, and vendors to exchange information that strengthens agreements, builds buy-in for intelligence initiatives, and improves the effectiveness of security programs; maintain and enhance relationships with established external partners and vendors
• Oversee in-depth technical analysis of complex and novel threats (malware, network traffic, vulnerabilities) conducted by the team, providing guidance and expertise as needed
• Direct the development and maintenance of the organization's threat intelligence infrastructure, custom feeds, and diverse data sources, ensuring scalability and reliability
• Serve as the organization's primary point of contact and subject matter expert on complex cyber threat intelligence matters, delivering strategic and operational threat briefings, comprehensive written reports (tactical, operational, strategic), and impactful presentations to inform executive leadership, security operations, incident response, risk management decisions, and strategic planning across the organization
• Develop, implement, and enforce consistent standard operating procedures (SOPs), advanced analytical tradecraft standards, robust data handling protocols, and rigorous quality control mechanisms for all CTI activities across all teams
• Build and cultivate strong, collaborative relationships with key internal stakeholders across various departments, including Security Operations Center (SOC), Incident Response (IR), Vulnerability Management, and Threat Hunting, ensuring effective information sharing and coordinated security efforts across multiple teams
• Drive the strategic adoption and integration of threat intelligence technologies and platforms across multiple teams, including envisioning and overseeing the building of necessary supporting systems and integrations to significantly enhance operational efficiency and intelligence capabilities
• Document and ensure the dissemination of best practices and critical knowledge within the team and to relevant stakeholders across the organization

Preferred Qualifications

• Relevant advanced certifications (e.g., CISSP, CISM, SANS GIAC certifications at the expert level) are highly preferred
• Fully Remote: This position has been designated as fully remote, meaning that the position is expected to contribute from a non-NBCUniversal worksite, most commonly an employee’s residence

Benefits

This position is eligible for company sponsored benefits, including medical, dental and vision insurance, 401(k), paid leave, tuition reimbursement, and a variety of other discounts and perks