DevOps Security Engineer Lc: Winnipeg, MB

100,000 - 200,000

Job Description:

  • Lead and coordinate remediation efforts from Vulnerability Management & Security Monitoring/SOC program
  • Collaborate with SOC to tune SIEM alerts, rules, maintenance jobs, etc. to minimize false positives and noise while ensuring relevant security information is captured and visible
  • Collaborate in the definition of metrics, SIEM reports, dashboards and scorecards used for management status and statistical reports; analyze reports and make recommendations for improvements; present security results and status reports to upper management and other IT and Business Groups; and develop security risk analysis scenarios and response procedures
  • Collaborate and act as lead (when required) in day-to-day operations and management of deployed security technologies
  • Support the execution of penetration testing and perform post-mortem of test results in driving the design and implementation of security controls.
  • Perform complex incident investigations based upon events working with other technical and business areas to resolve incidents

Escalation point for the Security Operation Center for security incidents

  • Identify, communicate & lead the planning and the execution of new security initiatives for current and future projects
  • Act as SME for operationalized security initiatives and program components (e.g. patch management)
  • Participate in developing, and co-ordinate the realization of, security initiatives & solutions to protect the IT landscape from the Security & Privacy perspective, emphasizing the requirements to protect the company's end user devices worldwide from malware, hacking attempts or any other type of malicious activity
  • Collaborates across operational teams on security solutions, projects and priorities.
  • Provides guidance and expertise as necessary
  • Collaborate on the patching process including vendor security notifications, patching status and compliance to standards. Formalize the security process, so those processes deliver to the goals defined.
  • For all current and future projects
  • Support the translation of requirements into security policies for approval & subsequent implementation as well as the maintenance of those

Support other Security & Privacy initiatives within

  • Participates with architecture and design teams to contribute security requirements, identifying areas where the existing security architecture requires change or development
  • Collaborate in the development of security awareness and compliance training programs, providing communication and training as needed and ensuring program and content remain relevant to changing conditions
  • Creates information security documentation as necessary. Create SOPs and other work instructions for the resolution of security events by Service Desk and other support teams, as necessary
  • Participate in setting the direction for infrastructure wide security projects, roadmaps and strategies. Ensuring alignment with Security & Privacy and global strategies

Occasional international travel might be required

Performs other related duties as assigned.

Education/Certifications

  • Bachelor's degree in computer science preferred or the equivalent combination of education, training, or work experience.
  • 6-8 years Information Technology experience and requires 3 or more years of IT security and operations risk management experience.
  • Desirable certification(s) include Security+, GCIA, GCIH, CISSP, EC-Council Certified Ethical Hacker. Experience with cyber security standards (NIST, FISMA, ISO, NERC et al.).

Experience

  • Experience managing large amounts of information, including monitoring security risks, conducting security audits, monitoring security exceptions, assessing new systems for security risks, and synthesizing information in actionable and publishable reports.
  • Experience in enterprise security architecture design, process development and enterprise security document creation.
  • Proven experience managing small-medium size projects, with the ability to meet deadlines and stay under budget.

Knowledge & Skills

  • Knowledge and relevant experience in leveraging SCCM or other tools for enterprise roll-out preferred
  • Knowledge and relevant experience in hardening Windows OS and other client applications (e.g. Adobe, Java) preferred
  • Knowledge and relevant experience with 3rd party patch management tools preferred (e.g. Secunia, Shavlik, Flexera, Ninite, Lumension, etc.)
  • Knowledge and relevant experience in the latest end user device protection technologies, e.g. logging, anti-malware protection, sandboxing, zero-day attack prevention, preferred
  • Strong sense of ownership, urgency, and drive
  • Ability to influence and coach others
  • Sharp analytical abilities and proven technical architecture design skills
  • Extensive knowledge of the Windows Security Log and Group Policy Audit Policy, Linux/Unix.
  • Proven experience in a multi-national company and distributed team
  • Requires in-depth knowledge of security issues, techniques, and implications across all existing computer platforms
  • Knowledge of network technologies (protocols, design concepts, access control)


