Cyber Defense Labs is a full life-cycle information security service provider helping companies manage, detect and respond to today’s cyber risks. We provide trusted cyber risk management services to help companies reduce business risk before, during and after a cyber event.
Title: Assistant Director of Cyber Operations
Reports to: Managing Director of Cyber Operations & Portfolio Development
Job Summary:
Within cyber operations, you are accountable for leading a multi-functional organization of security managers and security experts. You act as a collaborative liaison between multiple groups (e.g. IT Infrastructure, IT Applications, IT Security, and other functional areas) to provide a risk-based and solution-focused perspective on security matters. You are accountable for commercial cyber intelligence and cyber operations that support our cyber managed services, working to protect CDL and its customers from cyber security threats while optimizing commercial opportunities to grow the business. You will partner with leaders and stakeholders across the business to ensure proper coordination and execution of activities related to in-life service operations. You are responsible for running successful in-life operations for multiple portfolio services, including supporting projects from demand origination to project closure, managing governance around intake processes, and supporting service escalations. The position requires a high level of technical skill coupled with an ability to effectively communicate specific business and commercial security decisions within the scope of the role.
Primary Duties and Responsibilities:
Accountable for:
Embrace Service Excellence to provide effective leadership across area of responsibility
o Service – Accountable for performance through setting and continually reviewing meaningful service metrics across area of responsibility
o People – Accountable for the development of people through:
Regular coaching
Effective 1:1s
Continuous differentiation of performance
Appropriate recognition of great performance
o Transformation – Accountable for implementing a culture of Continuous Service Improvement across area of responsibility
Accountable for Cyber Security Operational Service Delivery including:
o Proactive risk management – identify issues and take personal action to mitigate the risk
o Reactive incident management and incident response – take personal action to act with a sense of urgency to minimise business impact with clear stakeholder communication throughout
o Providing security advice and direction to Line of Business within CDL and external customers
o Manage the in-life operations of the cyber managed security services for CDL and its customers
o Ability to make decisions even when faced with ambiguity
o Ability to engage and communicate clearly in order to motivate and inspire people to deliver
o Translate and deliver CDL Strategy by working through complexity to provide clear operational direction – set the context
o Accountable for effectively balancing the management of service, people, change & cost in the delivery of our strategic plan and day to day operations for their functional area
o Accountable for building the necessary professional standards & capability personally and within functional area (professional standards; people management; business management; leadership)
o Responsible for effective CDL Stakeholder Management including direct customer contact where appropriate
Job Standards:
Security Operations Hygiene:
o Weekly time recording compliance
o Weekly submission of metric performance
o Availability & responsiveness
Calendar consistently up to date
Appropriate use of out of office assistant & voice mail greeting
Timely response to line management
o Management of annual leave both personally and direct reports (where appropriate)
Timely use of entitlement
Approval of surplus annual leave carry over to be in line with HR policy
Embrace Service Excellence to provide effective management across area of responsibility
o Service – Continually monitor and report performance through service metrics across area of responsibility
o Transformation – Responsible for implementing Continuous Service Improvement across area of responsibility and CDL Security where applicable
Responsible for Operational Service Delivery including:
o Provide technical/specialist SME expertise and recommendations to support and/or manage:
Proactive risk management – identify issues and take personal action to mitigate or highlight the risk
Reactive incident management – act with a sense of urgency to minimise business impact with clear stakeholder communication throughout
Ability to prioritize effort and make decisions based on business impact
Ability to engage and communicate clearly to motivate and inspire people to deliver
Understand CMSSP business unit strategy to enable day to day prioritisation of effort
Manage delivery of the functional strategy and ensure this supports the CMSSP strategy by having a clear plan of action for area of responsibility
Manage the balancing of service, people, change & cost in the delivery of our strategic plan and day to day operations for area of responsibility (where appropriate)
Responsible for building the necessary professional standards & capability personally and within functional area (professional standards; people management; business management; leadership)
Responsible for effective Stakeholder Management including direct customer contact where appropriate
Take a structured and consistent approach to problem solving ensuring that the role holder takes responsibility for issues and manages through to conclusion
Responsible for adherence to all company policies
Minimum Qualifications:
Passion and enthusiasm for Cyber Security
5+ years’ experience of working in a high-performance SOC team in a cyber-security focused organization
Experience with an enterprise-grade SIEM platform (e.g., LogRhythm, AlienVault, ArcSight, QRadar, McAfee, Securonix)
Working knowledge in network access control, intrusion prevention and detection systems, firewalls, routers, incident response, information security methods, and risk management
Experience in high volume environments that handle millions/billions of records per day
Experience in Security Event analysis & triage, incident handling and root-cause identification.
Specialty in one or more of the following Information Security domains:
Cyber Intelligence Analysis, Threat Monitoring, Incident Response, Machine Learning & Artificial Intelligence, Malware Analysis, Computer Forensics, Endpoint Protection, Network Security, Infrastructure Security, Application Security, Platform Security, Identity & Access Management, Security Education & Awareness, Vulnerability Scanning & Management, and Compliance & Risk Management
Well versed in TCP/IP and other network protocols
Ability to review and understand packet captures and netflow
Experience with Red/Blue team exercises
Excellent team-working skills, and a "can do, let's get it done" attitude is crucial
A desire to keep learning, extending your skills and pushing the boundaries of your knowledge
Excellent verbal and written communication skills
Relevant experience with stakeholder management and good interpersonal skills
Relevant operational knowledge and experience of risk management
Knowledge of Security management, network and information security, people security and running of one or more services within a Security Operations Centre
Outstanding organizational, communication, interpersonal, relationship building skills conducive to collaboration; able to work well in a cross-functional, matrix management environment
Excellent analytical and problem-solving skills with a history of hands-on, detail orientation
Highly developed abilities with executive presentations, listening, negotiation and influencing skills
Excellent time management skills
Supplier management
Change management
Effective communication, including verbal, report writing & presentation skills
Innovation and creativity
Analysis & interpretation of data into actionable information
Planning & execution
Holds or can obtain appropriate level of Security Clearance where required
Education and/or Experience:
College Degree in Cyber Security or Information Technology or equivalent work experience
Certifications like Security+, CEH, GCIH, CISM, CISSP
Requires 5+ years related experience
3+ years of management/leadership experience in a network operation environment
Please note Cyber Defense Labs does not accept resumes from any source other than directly from candidates. We will not consider resumes from vendors including and without limitation search firms, staffing agencies, fee-based referral services and recruiting agencies.