Procter & Gamble Cyber Security Defense Operations Manager in Warsaw, Poland
Cyber Security Defense Operations Manager
The Cyber Security Defense Operations Senior Manager is responsible for coordinating the deployment and allocation of Cyber Security personnel and capabilities to ensure the 7x24 security of the enterprise. The role is responsible for the day-to-day operations of the Cyber Defense Operations team, and of the management systems, security event monitoring systems, malware detection and enterprise-level antivirus solutions/systems, and forensic investigations. This role provides direction to both the senior and non-senior analysts and to third parties supporting the Cyber Defense Operations team, and serves as a liaison to Engineering, Identity and Access Management, Network Operations, Legal, and Human Resources.
Essential Responsibilities:
· Lead the Cyber Security Incident Response Team and coordinate Cyber Security's investigation during an incident, including communications between Cyber Security and other groups, e.g. progress reports to stakeholders, investigative teams, management, and system/application owners.
· Investigate data loss incidents, network intrusion incidents, key vulnerabilities, and employee and supplier misconduct allegations in collaboration with the larger Incident Response Team, to include General Counsel and human resources stakeholders.
· Serve as the team SME, with excellent knowledge of emerging threats and vulnerabilities.
· Assist with the management and coordination of the Global Cyber Security Defense Operations team.
· Identify operational and tactical cyber intelligence to improve security operations and support efforts to prepare for, monitor, detect, analyze, contain, remediate, and recover from security incidents.
· Identify process improvements that support the protection of computers, networks, software, data and information systems against possible attacks.
· Provide technical guidance and support the implementation and on-going operations support of new security solutions.
· Conduct research of emerging security threats.
· Lead compliance efforts for Cyber Defense Operations metrics and reporting capabilities.
· Provide guidance on host forensic investigations.
· Manage response to alerts from various monitoring systems and platforms to address potentially malicious events in a timely manner.
Technical Competencies and Experience:
· Experience designing and operating one or more of the following SOC solutions:
  · SOC/SIEM solutions: FireEye, ZScaler, Exabeam, McAfee EPTM, Wazuh
  · Service manager solutions: ServiceNow, Archer
  · Forensics solutions: Magnet Axiom & Axiom Cloud, NUIX, EnCase, Autopsy
· Experience and understanding of the Information Security Environment, Concepts and Operations:
  · Deep experience with information security in the domains of cyber threat intelligence and analysis, security monitoring and incident response.
  · Demonstrated ability to guide, mature and work with the security operations team to build a best-in-class security operations center.
  · Experience applying structured analytical methodologies to threat monitoring and intelligence analysis.
  · Knowledgeable in the development of incident response playbooks, ensuring response activities align with best practices, minimize gaps in response and provide comprehensive mitigation of threats.
  · Understanding of global laws and regulations as they pertain to information assets.
  · Experience with network protocols and packet analysis tools.
  · Solid understanding of cloud-based critical infrastructure systems security threats.
  · Serve as a subject matter expert (SME) for performing security and threat assessments.
  · Familiarity with latest security vulnerabilities, advisories, incidents, penetration techniques, attack vectors, and countermeasures.
  · Experience with automating manual processes related to audit and compliance.
  · Exhibit a broad knowledge of and adherence to security policies and procedures.
  · Strong understanding of compliance requirements that may impact security; works with business areas and project teams to develop security solutions that address these requirements.
· Preferred Certifications: CISSP, CCNA, EnCE, GCIH, GCFE, GCFA, OSCP
Qualification Requirements
· Bachelor’s degree in Information Systems, Information Technology (IT), Computer Science, Engineering, or other technical/IT field and/or at least 7 years of relevant experience.
· Available to work off hours during the evenings and weekends as required, sometimes with little advance notice.
· All Information Security roles require CISSP certification. Candidates without the certification must be able to pass the exam within the first 15 months of starting the role. P&G provides study preparation and exam cost coverage.
· Role requires working from the Procter & Gamble Warsaw, Poland location.
Job: Information Technology
Title: Cyber Security Defense Operations Manager
Requisition ID: IT 00001451