Gartner Director, Security Operations in Irving, Texas

Director, Security Operations

Irving, TX | Regular Full-time

Job Description:

Manage the security operations center to ensure security threats are identified and addressed expeditiously

  • Partner with the CISO leadership team to set and drive an adaptive security monitoring and response strategy

  • Manage a security event detection sensor grid across a hybrid on-premise and cloud technology ecosystem

  • Manage the end-to-end incident response program, including incident management, playbook automation, and participation in “Red vs Blue” team testing activities

  • Manage and operate a continuous threat and vulnerability management program, improving time to address critical threats

  • Lead security investigations with key stakeholders such as HR, Legal

  • Align security operations measurements and dashboards to Key Risk Indicators

  • Oversee operations of key security technology services and products

  • Maintain strong relationships with external operations, incident response and forensics partners

  • Lead a global, results-driven, high-performing team focused on business-enabling security

  • Protect the company from a wide variety of business risks ranging from financial loss, regulatory fines and penalties, loss of intellectual property, and/or brand/reputation risk

  • Routine internal/external engagement at multiple levels: business leaders, technologists, chief information security officer (CISO), chief information officer (CIO), etc.

Job Requirements:

  • Bachelor’s degree in Information Systems, Information Technology, or equivalent.

  • 10 years of experience in security and technology

  • 5 years of experience in a leadership role

  • 3 years of experience managing a global SOC

  • Experience with SOC measurement, automation and orchestration technologies and processes

  • Experience leading incident response and forensics investigations

  • Experience with proactive threat hunting

  • Strong interpersonal and communications skills; able to work in a collaborative, team-oriented environment

  • In-depth knowledge of attacker methodologies and containment strategies

  • Strong understanding of networking architectures and routing, OS, and application security

  • Strong understanding of SIEM technologies and complementary toolsets

  • Proficient in security monitoring use case development

  • Able to review log files, conduct correlations, and synthesize analyses

Job ID: 00017329