Full-Time Senior Manager Security Operations
Black Knight is the premier provider of integrated technology, services, data and analytics that lenders and servicers look to first to help successfully manage the entire loan life cycle. Our deep understanding of regulatory and compliance issues complements the knowledge, technology and solutions we offer to help our clients achieve their business goals. Black Knight offers leading software systems; data and analytics offerings; and information solutions that facilitate and automate many of the business processes across the mortgage life cycle.
JOB FAMILY DESCRIPTION
Manages Black Knight’s Global Security Operations Center (SOC) and Incident Response team to ensure information systems security across the enterprise. Leads, plans, and develops the processes and playbooks for the Red and Blue team operations in Information Security. Participates in the planning and implementation of security administration for Black Knight. Responsible for evaluation and selection of incident response and security operations methods, systems and tools. Recommends and implements changes to work methods and procedures to make them more effective or to strengthen security measures.
GENERAL DUTIES & RESPONSIBILITIES
* Provides direction to SOC and Incident Response staff to ensure risk is minimized through the development and maintenance of information security processes.
* Manages and leads the development of incident response plans, workflows, and SOPs.
* Monitors, reviews and analyzes security sensors, security events, network traffic, and logs to engineer new detection methods.
* Responds to incidents and communicates information security issues to management and clients.
* Conducts studies within and outside the organization to ensure compliance with standards and currency with industry security norms.
* Evaluates new SOC and IR technology solutions and techniques for implementation to ensure company assets are not comprised.
* Prepares and evaluates activity reports for areas of concern and presents to management.
* Ensures the protection of corporate intellectual capital in databases and/or applications accessed by customers and vendors.
* Manages staff and motivates employees through talent and performance management.
* Performs other related duties as assigned.
* Bachelor’s Degree in Computer Science, Information Systems or the equivalent combination of education, training, or work experience.
ANY of the following professional certifications are a plus: ISACA (CISM), SANS (GCIA, GCIH, GREM, GCFA, etc.), EC-Council (CEH or ECIH), ISC2 (CISSP)
GENERAL KNOWLEDGE, SKILLS & ABILITIES
* Strong background in security operations, process, solutions and technologies
* Extensive experience in threat hunting, malware analysis, log reviews, and memory analysis
* In-depth understanding of advance adversaries
* High-level understanding of computer security concepts such as Identity & Access Management, Network Security, Application Security, and Incident Management
* Knowledge with SIEM and/or log aggregation technologies such as QRADAR, Splunk, ArcSight, ELK, etc. preferred
* Keen understanding of networking concepts and protocols (such as DNS, SMTP, FTP, SSL, etc.)
* Experience investigating computer network intrusions and incident response in an enterprise environment, preferably in a Security Operations Center (SOC)
* Understanding of threat vectors as well as exfiltration techniques is desired
* Experience investigating intrusions in a cloud/hybrid environment is a plus
* Extensive knowledge of relevant legal and regulatory requirements as well as privacy laws preferred
* Extensive knowledge of common information security management frameworks
* Extensive experience working with a diverse range of data sources/streams and managing these effectively
* Excellent analytical, decision-making and problem-solving skills
* Proficiency in developing partnership-oriented relationships with internal and external business executives and functional leaders
* Strong understanding of policy, compliance, and best practice security principles
* Extensive knowledge of infrastructure, key processes, and technology-oriented risk issues, specifically around security and privacy
* Proficiency at multitasking in a fast-paced environment with focus on timeliness, documentation, and communications with peers and business users alike.
* Proficiency in project management
* Excellent communication skills, both verbally and in writing, to technical and non-technical audiences of various levels within Black Knight or outside the organization (executives, regulators, clients, etc.)
* Results oriented, business focused, and successful at interfacing across multiple organizational units
JOB FAMILY LEVEL
Middle level management role. Manages and mentors supervisors, project leads and/or technical staff researching and developing solutions. Manages staffing, budgeting, and planning for functional area. Works with senior leadership to establish strategic plans and objectives for the department while ensuring the department meets its objectives. Develops corporate programs to ensure all employees are educated on information security requirements through training tools. Works on multiple complex projects as a project leader and subject matter expert. Develops budget and ensures objectives are met. Interacts with executives, management and clients. Typically requires a minimum of seven (7) years of experience with a broad range of exposure to all aspects of business planning, systems analysis and applications development with five (5) years of experience managing team(s) and project(s) for information security management.
Black Knight is an AA/Equal Opportunity Employer.
How to ApplyApplication URL: http://www.aplitrak.com/?adid=cmZsYWdnLjQ2NDk4LjEwNTk0QGJsYWNra25pZ2h0ZmluLmFwbGl0cmFrLmNvbQ
73 total views, 1 today