Director, Security Operations

  • Company: Gartner
  • Location: Irving, Texas
  • Posted: December 15, 2017
  • Reference ID: 00017329
Manage the security operations center to ensure security threats are identified and addressed expeditiously
  • Partner with the CISO leadership team to set and drive an adaptive security monitoring and response strategy
  • Manage a security event detection sensor grid across a hybrid on-premise and cloud technology ecosystem
  • Manage the end-to-end incident response program, including incident management, playbook automation, and participation in “Red vs Blue” team testing activities
  • Manage and operate a continuous threat and vulnerability management program, improving time to address critical threats
  • Lead security investigations with key stakeholders such as HR, Legal
  • Align security operations measurements and dashboards to Key Risk Indicators
  • Oversee operations of key security technology services and products
  • Maintain strong relationships with external operations, incident response and forensics partners
  • Lead a global, results-driven, high-performing team focused on business-enabling security
  • Protects the company from a wide variety of business risks ranging from financial loss, regulatory fines and penalties, loss of intellectual property, and/or brand/reputation risk
  • Routine internal/external engagement at multiple levels: business leaders, technologists, chief information security officer (CISO), chief information officer (CIO), etc.


Job Requirements:
  • Bachelor’s degree in Information Systems, Information Technology, or equivalent.
  • 10 years of experience in a security and technology
  • 5 years of experience in a leadership role
  • 3 years of experience managing a global SOC
  • Experience with SOC measurement, automation and orchestration technologies and processes
  • Experience leading incident response and forensics investigations
  • Experience with proactive threat hunting
  • Strong interpersonal and communications skills; able to work in a collaborative, team-oriented environment
  • In-depth knowledge of attacker methodologies and containment strategies
  • Strong understanding of networking architectures and routing, OS, and application security
  • Strong understanding of SIEM technologies and complementary toolsets
  • Proficient in security monitoring use case development
  • Able to review log files, conduct correlations, and synthesize analyses

