State Employees’ Credit Union – Cyber Security Manager – Security Operations & Incident Response – Raleigh, NC
Job title: Cyber Security Manager – Security Operations & Incident Response
Company: State Employees' Credit Union
Job description: If you are motivated and believe in the credit union philosophy of "People Helping People," !

PURPOSE:
As the Cyber Security Manager of the Cybersecurity Operations Center, you will be responsible for planning, managing, maturing, and supporting the day-to-day operations and continued evolution of the organization's cybersecurity monitoring and incident response program.

This self-driven leader is expected to be a subject matter expert with demonstrated experience in building a cyber security operations program that includes: IOA and IOC alert development and triage best practices, security logging, cyber incident response, threat intelligence, threat hunting, cyber forensics, Blue, and Purple Team activities. The individual will lead and own overall accountability for timely and appropriate response to security threats and incidents.

DIMENSIONS:
• Lead, manage and mature the people, process, and technologies critical to a high performing 24x7x365 cybersecurity monitoring and incident response operations center.
• Develop and direct the Incident Response Plan and program ensuring continuous maturity of cybersecurity analyst skillset, program response playbooks, and technical platforms.
• Conduct regular cyber table-top simulations and educational sessions with cybersecurity analysts and stakeholders.
• Lead and mature the design, build, maintenance and support of the security monitoring platforms and solutions.
• Direct the building and tuning of custom use cases, alerts, dashboards, and reports on each security monitoring platform based on cybersecurity best practices and business needs.
• Drive strategy, define and maintain the roadmap for the adoption, expansion, and integration of the security monitoring platforms.
• Direct and mature the organization's case management, including quality reviews and maturing of response practice and alert disposition.
• Define and maintain dashboards, SLAs, and reportable trending metrics that support the effectiveness of the Incident Response Program and Cyber Security Operation Center maturity efforts.
• Provide cyber security briefings, status updates, and consultancy to various audiences, including technical and executive leadership teams. This includes process recommendations based on alerting visibility and response metrics.
• Provide leadership for incident response investigations, coordinate response activity and brief senior leaders while maintaining high integrity and confidentiality.
• Design cyber event monitoring and response policies, processes, practices, guidelines, standards, and baselines that are mapped directly to business risks to measure for effectiveness and adherence.
• Partner and communicate with multiple leaders across Security, Threat Intelligence, Information Technology, Business Units, key stakeholders and executive leadership to identify and plan cybersecurity response initiatives.
• Liaise with Compliance, Legal Services, Human Resources, and law enforcement as needed.
• Collaborate with stakeholders such as Crisis Management and Business Continuity to support larger security initiatives, assessments, and resilience testing.
• Responsible for the performance management of team members, including disciplinary actions and hire/fire recommendations.
• Responsible for talent development, including regular 1:1s, team meetings, quarterly performance conversations, career pathways conversations, and individual development/growth plans.

Essential Business Experience and Technical Skills:
• Demonstrated self-driven leadership, teamwork, collaboration, and effective communication skills, both written and verbal.
• Ability to react appropriately and lead during stressful and ambiguous situations and communicate clearly to senior leadership when the situation requires.
• Demonstrated strong analytical, problem-solving, and decision-making skills.
• 5+ years of leadership experience managing teams and programs responsible for cyber security event monitoring and incident response. Preferred experience as a leader with previous hands-on knowledge as a senior cyber security analyst or senior security engineer of endpoint, network, or security logging technologies prior to becoming a manager.
• 8+ years of experience in two or more of the following security technologies:
  • Domain Boundary Protection
  • Network Security Policy
  • Endpoint Detection & Response
  • Endpoint Security Policy
  • Security Logging & Content Creation
  • Security Incident Event Management
  • Security Forensics and Investigations
• 5+ years of experience as senior cyber security engineer or senior cyber security analyst.
• 5+ years of troubleshooting and investigating complex issues within a highly regulated and secure environment. Experience working with change management controls is required.
• Working knowledge of various industry security standards and frameworks including: NIST, ISO 27001, ISF Standard of Good Practice (SoGP), etc.
• GIAC Security Operations Manager (GSOM) Certification
• MGT551: Building and Leading Security Operations Centers
• MGT553: Cyber Incident Management
• Professional certifications such as: CISSP, CISA, CISM, GIAC, CGEIT, CRISC, OSCE, or other relevant industry certification and/or desire to obtain such certifications.

Preferred:
• Bachelor's degree in Computer Science, Information Systems or at least 5 years of experience in related field.
• Knowledge of modern enterprise and security architectures, their challenges, common approaches to overcome their challenges, and their inherent security strengths and weaknesses.
• Experience with scripting languages such as PowerShell, Python, VBScript, and Bash.
• Experience supporting or leading network security environment for large financial institutions including a national or global environment extending across multiple countries and time zones.
• Experience working within DevOps and Agile environments.

Job Environment:
• Remote working and remote options are available.
• Office setting with physical proximity to other employees is also intermittently required.
• Some background noise from other employees and their activities can be expected.

PHYSICAL DEMANDS:
• Able to work all hours scheduled, including unscheduled overtime as directed by manager/supervisor and required by business need.
• Must be able to comprehend and carry out verbal and written instructions.
• Job requires a substantial amount of sitting.
• Use hands and fingers to press keys on a computer keyboard to enter or retrieve information.
• Use hands and fingers to press telephone keypad and lift telephone receiver.
• Must be able to comprehend phone calls.
• Must be able to lift 5 pounds.

SECU provides equal employment opportunity to all qualified persons regardless of race, color, religion, age, sex, sexual orientation, gender identity, national origin, genetic information, disability, veteran status, or other classification protected by law.

Disclaimer: State Employees' Credit Union reserves the right to fill this role at a higher/lower level based on business need.

Expected salary:
Location: Raleigh, NC