Salary
💰 $125,000 - $165,572 per year
About the role
- Manage a team of cybersecurity professionals and operationalize the Cyber Security Operations Center (CSOC) Model of key CSOC functions and tiers.
- Proactive and reactive risk mitigation through threat intelligence, technical and procedural controls, and incident preparation, management, and remediation.
- Configuration and monitoring of security technologies for security posture management.
- Cross-functional collaboration and problem solving to communicate with other teams and stakeholders.
- Execute day-to-day CSOC activities and work closely with Director-IT Risk Management to maintain resilient security controls and processes.
- Plan and execute operational plans with a 1-2 year focus to establish and mature programs for Incident Management and Security Posture Management.
- Lead and exercise the full implementation of the IT Cybersecurity Incident Response Team (IT CSIRT) and integrate with Corporate Critical Incident Response Team (CCIRT).
- Ensure all needed security log information is received and rules are configured to capture relevant information and generate actionable alerts.
- Implement, administer, and monitor technology and processes to detect and analyze weaknesses and ensure prioritized adjudication of findings.
- Lead, inspire, and develop a high-performing team; manage recruitment, hiring, performance reviews, PIPs, firing, promotion, and succession planning.
- Develop KPIs and KRIs to measure CSOC operations and risk management and provide regular reports to leadership.
- Provide recommendations for key results, initiatives, and goals based on CSOC processes and control implementation gaps aligned to ISO 27001 and CIS benchmarks.
- Collaborate across leadership and functional areas to reduce IT risks and promote information security culture.
- Design training and awareness programs and measure their effectiveness.
- Maintain thorough, organized documentation and present regular reports on CSOC performance and metrics.
- Program and monitor CSOC technology budget and ensure cost efficiency.
- Understand and comply with all applicable Company policies and rules.
Requirements
- Bachelor's degree in Information Systems, Computer Science, Business, or equivalent experience.
- 7+ years of experience in Information Security or a related role.
- Demonstrated experience managing an IT team focused on risk management and/or security-related projects.
- Strong knowledge of information and cyber security principles, technology and best practices.
- Experience in using and administering document management systems and Microsoft cybersecurity technology, including Sentinel and Purview, or similar platforms.
- Practical knowledge of ISO 27001:2022 and CIS critical controls and safeguards and the ability to understand and apply evolving standards and requirements.
- Ability to collaborate effectively with cross-functional teams and external stakeholders.
- Possess a collaborative and risk-based mindset and great communication skills.
- Strong leadership skills with an ability to lead, guide, motivate, and delegate to deliver results, embrace change, drive decisions and outcomes, embrace culture and inclusion, and exhibit integrity.
- Excellent organizational, planning, and project management skills, creatively problem-solving issues and juggling a portfolio of initiatives.
- Excellent communication skills (written, verbal, listening, and presentation); able to liaise effectively with internal and external stakeholders to drive decisions and achieve targeted results.
- Strong interpersonal skills to establish meaningful relationships built on mutual trust and respect, navigate and resolve conflict, moderate behaviors, and foster collaborative working relationships amongst a diverse audience.
- Ability to use business acumen and analytical skills to analyze data to drive informed decisions and problem-solve issues.
- Foundational financial acumen with the ability to provide input to budgetary processes for fiscal effectiveness.
- Ability to travel as required.
- 7+ years of experience in Information or Cybersecurity roles including at least 3 years in Incident Management/Security Operations.
- 2+ years of experience managing a Security Operations team that handles Incident Response.