Job Description

NBCUniversal’s Cyber Threat Operations team is responsible for providing cyber threat intelligence, event monitoring, incident response, and threat hunting for all areas of NBCUniversal in a highly collaborative, fast paced, and agile fashion. The Manger of Cyber Response Operation’s primary function is to lead a team of cybersecurity event analysts and incident responders to provide continuous monitoring, event triage and analysis, incident response, remediation support and forensic services. This role also provides professional security operations center (SOC) analysis. The Cyber Response Operations is the designated 24x7x365 first line of defense against cyber threats at NBCUniversal.

The team is made up of Event analysts and Incident Responders who follow an Incident Response Plan to navigate the phases of Cyber Event and Incident Response. This team is critical to identifying and responding to adversarial attacks quickly and effectively. The leader of this group must be able to adapt quickly, solution on the fly and implement rigor that drives consistency and maturity, as well as enable the team to operate with creativity and empowerment. This role will require dedicated time to each employee to assist in their technical and professional development.

Duties and Responsibilities

• Manage 24/7/365 Security Operations team personnel and day-to-day SOC operations
• Monitor, respond, and manage cyber security events across the NBCU enterprise estate.
• Function as Incident Handler/Commander to remediate active incidents in coordination with the impacted business
• Managerial escalation point for potential cyber incidents or required assistance from Response team
• Participate in manager on-call rotation for cyber incident escalations and handling
• Ensure proper event identification, triage, threat determination, documentation & reporting across analysts
• Maintain and enforce event/ticket standards, key performance indicators and process adherence
• Manage team resources to support business & operational needs (shift coverage, Pillar Lead Program, escalations)
• Prioritize and drive automation priorities and team process enhancements
• Maintain relationships with Information Security Officers, business stakeholders, and other IT security teams
• Process documentation creation, maturity, and management
• Provide mentoring for SOC personnel for technical, professional, and career growth
• Develop and execute strategic plans that align to delivery of Senior Leadership goals and objectives
• Create and deliver monthly metrics that displays operational effectiveness, risk reduction, and business impact
• Effectively communicate status on operations, incidents, and concerns to business VIPs and Senior Leadership

Qualifications

Basic Requirements

• Bachelor’s Degree in an IT related field and/or equivalent work experience
• 5+ years of Cyber Security experience with a minimum of 4 years in Incident Response, Security Operations Center (SOC), or similar functions.
• 2+ years of experience managing a mature SOC.
• In-depth understanding of cyber threats, adversary techniques, response procedures, network and enterprise architecture, and threat detection.
• Willingness to work in a fast paced, high demand role that will require nonstandard working hours
• Be available to support the professional development and take escalations for any incidents that happen in this 24x7x365 global environment.
• Well organized and able to manage multiple workstreams and escalation paths.
• Working knowledge of core Enterprise IT concepts (web application architectures, networking, etc.)
• Experience with host-based and network-based forensics tools and analysis
• Knowledge of industry recognized security and analysis frameworks (Mitre ATT&CK, Kill Chain, Diamond Model, NIST Incident Response, etc.)
• Exceptional written and verbal communication skills
• Experience in applying security concepts to Cloud computing (AWS, Azure, GCP)
• Relevant certifications (GCIA, GCIH, GCFA, GNFA, etc.)
• Knowledgeable in SOC advancements such as EDR, XDR and SOAR
• Incident management process development and/or incident management experience
• SOC automation development and cloud operations (e. g. AWS) experience
• Ability to lead and communicate efficiently within a team environment
• Advanced technical writing skill

Desired Characteristics

• Working knowledge of core Enterprise IT concepts (web application architectures, networking, etc.)
• Experience with host-based and network-based forensics tools and analysis
• SOC automation development and cloud operations (e. g. AWS) experience
• Incident management process development and/or incident management experience
• Relevant certifications (GCIA, GCIH, GCFA, GNFA, etc.)

Additional Requirements

• This position has been designated as fully remote, meaning that the position is expected to contribute from a non-NBCUniversal worksite, most commonly an employee’s residence.
• This position is eligible for company sponsored benefits, including medical, dental and vision insurance, 401(k), paid leave, tuition reimbursement, and a variety of other discounts and perks. Learn more about the benefits offered by NBCUniversal by visiting the Benefits page of the Careers website. Salary range: $150,000 - $170,000 (bonus eligible)

Additional Information

NBCUniversal's policy is to provide equal employment opportunities to all applicants and employees without regard to race, color, religion, creed, gender, gender identity or expression, age, national origin or ancestry, citizenship, disability, sexual orientation, marital status, pregnancy, veteran status, membership in the uniformed services, genetic information, or any other basis protected by applicable law. NBCUniversal will consider for employment qualified applicants with criminal histories in a manner consistent with relevant legal requirements, including the City of Los Angeles Fair Chance Initiative For Hiring Ordinance, where applicable.

If you are a qualified individual with a disability or a disabled veteran, you have the right to request a reasonable accommodation if you are unable or limited in your ability to use or access nbcunicareers.com as a result of your disability. You can request reasonable accommodations in the US by calling 1-818-777-4107 and in the UK by calling +44 2036185726.