Vacancy expired!
Albertsons Companies is one of the largest food and drug retailers with 2,300+ stores. The Albertsons Companies family of brands includes some of the most prominent brands in food retailing, with a growing base of loyal shoppers. Thanks to the professionalism, diversity, spirit, and friendliness of our people, we have locations across the U.S.
The Information Technology Department has an opening for a Senior Manager, Information Security Threat Intelligence and Cyber Hunting. This position is located in Phoenix, Arizona or Pleasanton, CA, or Boise, ID or Dallas, TX.Position Purpose We are looking for a seasoned leader with bleeding edge ideas, exceptional skills and a passion for finding threats within corporate networks. The Sr. Manager, Cyber Threat Hunting Operations will build and lead a geographically diverse team of cyber intelligence and threat hunting professionals within the Cybersecurity Operations Program. Reporting to the Head of Cybersecurity Operations, this leader will design and implement all aspects for Threat Hunting, Strategic and Tactical Cyber Threat Intelligence.Key Responsibilities include, but are not limited to:- Develop and manage the Threat Intelligence strategic roadmap and the team's day-to-day operations to monitor, track and analyze Threat Actor Groups and emerging threats in service of the enterprise's defense.
- Provide guidance/training to less experienced staff.
- Develop strategies to identify and track the tactics, techniques, and procedures (TTP) of the threat actor groups that target our organization and our sector.
- Oversee threat hunting missions using threat intelligence, analysis of anomalous log data, analytics and brainstorming sessions with your team.
- Spearhead the development of new detection capabilities to identify the presence of cyber threats.
- Develop strategies to employ threat intelligence repositories that provide real-time access to threat intelligence.
- Use frameworks such as the cyber kill chain, diamond model for intrusion analysis and MITRE ATT&CK framework to identify and analyze malicious campaigns and their effectiveness against our cyber defenses.
- Partner with the CSOC to incorporate threat intelligence into security monitoring and incident response.
- Build company-wide relationships to identify opportunities where threat intelligence can positively impact business operations.
- Integrate Threat Intelligence projects into existing Cyber Defense and Vulnerability Management functions, including ad-hoc analysis requests and purple team exercises.
- Build threat sharing relationships with peer organizations, government, and law enforcement.
- Drive prioritization and focus across several cross-functional service areas to support Intelligence-driven proactive operations.
- Define core competencies of intelligence practitioners to ensure the ongoing development of internal resources.
- Manage onshore and offshore individual contributors.
- Prepare and provide status reports for senior management on program metrics that demonstrates continuous collection and analysis of threat intelligence.
- 4-year degree (Computer Science, Information Systems or relational functional field) and/or equivalent combination of education or work experience. Advanced degree preferred.
- 3-5+ years experience managing a threat intelligence team
- 5-7+ years experience in incident response
- 10+ years of professional experience in the field of Information Technology and related enterprise level technology design and implementation experience.
- Detailed understanding of the MITRE ATT&CK framework and/or the Cyber kill chain
- Experience with Incident Response methodology in investigations, and the groups behind targeted attacks and tactics, techniques, and procedures
- Current CRISC, CISSP, CISM and/or other security certifications preferred.
- 3 + years of experience leveraging and generating security metrics
- Ability to rapidly learn and apply advanced and emerging technical security principles, theories, and concepts.
- Strong knowledge of cloud security concepts and DevOps practices
- Exceptional analytical ability, communication and project management skills, and the ability to work effectively with clients, IT management and staff, vendors, and consultants.
- Strong ability to understand client expectations and to resolve issues that may affect service delivery.
- Strong interpersonal skills with the ability to work effectively in a matrixed organization.
- Ability to work with teams that are geographically distributed and work across different time zones.
- Exceptional leadership abilities to facilitate and encourage team collaboration and support career growth of security staff at various levels of maturity and expertise.
- Compassion: We always treat each other with kindness and respect
- Team: We always support and recognize each other
- Inclusive: We always value everyone's perspective
- Learning: We always strive to grow and develop ourselves and others
- Competitive: We always act with integrity to win over the customer
- Ownership: We always take actions to drive our success
- Work may be performed in a temperature-controlled environment.
- Must sit, stand, or walk for extended periods of time.
- May spend long periods of time at desk or computer terminal.
- Will use keyboards, telephone, and other office equipment during the course of normal workday.
- Stooping, bending, twisting, and reaching may be required in completion of job duties.
- Work day is fast paced; some evening and weekend work may be required.
Vacancy expired!