Vacancy expired!
COMPANY OVERVIEW:TIAA is the leading provider of financial services in the academic, research, medical, cultural and government fields. We offer a wide range of financial solutions, including investing, banking, advice and education, and retirement services.POSITION SUMMARY:TIAA is looking for a passionate, self-driven Information Security Manager to lead our Insider threat team, investigating insider threat incidents, delivering insider threat analytics, and building automation in the insider threat field as part of our Cybersecurity Operations team.You should be comfortable leading highly sensitive, complex, and confidential high-tech insider threat investigations into incidents of data loss and intellectual property theft, technology misuse, conflict of interest, and other policy violations. When potentially anomalous behavior is detected, the team is responsible for escalating the activity and working collaboratively with partners across the first and second lines of defense to determine the appropriate resolution of the matter. They need to be able to reach across teams to help drive understanding out of complex problems, keep a focused goal of producing intelligence, briefings, and recommendations for threat hunts and situations.You will also be responsible for monitoring budgets and schedules for projects conducted by teams and ensures they are completed in a timely manner. You'll be asked to recruit, direct, motivate and develops staff, maximizing their individual contribution, their professional growth and their ability to function effectively with their colleagues as a team.KEY RESPONSIBILITIES AND DUTIES:
Lead staff of cybersecurity analysts, focusing on execution, planning, performance management and staff development.
Provide mentorship and guidance to cybersecurity analysts, to help them develop in their ability to recognize security incidents.
Drive large incidents with multiple teams independently towards resolution, utilizing standard investigative techniques to gather, analyze, and work with teams to prove or disprove the allegation(s) with data.
Brief internal customers (Information Technology, Human Resources, Legal, etc.) on relevant findings on a need to know basis as determined by the sensitivity of the investigation or as mandated by the business.
Actively hunt for threats in the environment and collaborate findings with a variety of high caliber teams.
Conduct risk-based analysis of users and groups across the enterprise; develop investigative action plans based on findings.
Maintain effective operational, coverage, and executive-level metrics.
Develop and maintain standard operating procedures to reflect day-to-day operations.
Suggest new tool opportunities, methodologies, and improvements for hunting both insider or external threat-actors.
QUALIFICATIONS:REQUIRED SKILLS:
8 or more years of experience in at least one of the following areas; threat intelligence, threat hunting, data analysis, security monitoring, host or network forensics.
5 or more years of experience in managing, leading, and/or mentoring a team of individual contributors
5 or more years of work with technical investigations/response, insider threats, or law enforcement investigations.
PREFERRED SKILLS:
5 or more years of experience working with at least one of the following enterprise security solutions: Security Information and Event Management, Data Loss Prevention, Endpoint Detection & Response, or UBA (User Behavior Analytics).
Specialized experience in cyber incident response and cyber incident management
Analytical ability - The applicant should have experience identifying red flags, validating sources, and making judgment calls about the completeness and accuracy of open source information
Excellent writing skills - The applicant should be familiar with legal and financial nomenclature and be able to draft accurate, concise summaries.
Strategic planning and resourcefulness - The applicant will be responsible for developing investigative plans and strategies for engagements and producing creative solutions to challenging research problems
Experience identifying and managing work performed by subcontractors, including negotiating budgets and deadlines
Experience working with international colleagues and coordinating investigations across time zones is a plus
Degree in mathematics, computer science, or other engineering discipline.
Strong interpersonal skills, able to communicate with a wide range of technical and non-technical partners.
Knowledge and/or experience with the MITRE ATT&CK framework.
Standing relationships with industry associations relevant to the position.
Equal Employment Opportunity is not just the law, it’s our commitment. Read more about the .If you need assistance applying due to being visually or hearing impaired, please email .We are an Equal Opportunity/Affirmative Action Employer. We will consider all qualified applicants for employment regardless of age, race, color, national origin, sex, religion, veteran status, disability, sexual orientation, gender identity, or any other legally protected status.Additional Information
Requisition ID: 1722764
Field: TechnologyCompany: TIAA