The Security Operations & Incident Response Team’s mission is to preserve the confidentiality, integrity and availability of our assets by identifying operational and security risks; and collaborating with business, functional, and customer stakeholders to develop plans that manage risk to acceptable levels. We are currently seeking a SOC/CIRT Manager to join our team.
- Oversee tier 1-3 analysts daily tasking.
- Ensure effective supervision of the incident management lifecycle
- Identify chronic operational and security issues, and ensure they are managed appropriately.
- Manage and escalate roadblocks that may jeopardize security monitoring operations, infrastructure, and SLAs.
- Serve as a mentor to SOC/CIRT staff.
- Interface and collaborate with teams both internally and externally.
- Document, develop, and track analyst training requirements.
- Manage the process improvement lifecycle for SOC/CIRT processes.
- Play a significant role in long-term SOC strategy and planning, including initiatives geared toward operational excellence
- Serve as focal technical lead on incident events and incidents.
- Must be technical, hands-on, and also capable of serving as the primary point of contact with management
- Lead the investigative process for network intrusions and other cyber security incidents to determine the cause and extent of the breach.
- Summarize events/incidents effectively to different constituencies such as legal counsel, executive management and technical staff, both in written and verbal forms.
- Managing the chain of custody for all evidence collected during incidents, security, and forensic investigations -
Bachelor’s Degree in Information Security, Computer Science or equivalent; or 7 years comparable work/military experience a plus
- Managing a diverse, international staff preferable
- Strong background in security operations, process, solutions and technologies
- Experience interfacing with other internal or external organizations regarding incident response situations
- 5+ years of experience in security incident handling and forensics skills including knowledge of common probing and attack methods, network/service discovery, system assessment, viruses and other forms of malware.
- Experience mitigating and addressing threat vectors including Advanced Persistent Threat (APT), Distributed Denial of Service (DDoS), Phishing, Malicious Payloads, Malware, etc.
- Knowledge of hacker methodologies and tactics, system vulnerabilities and key indicators of attacks, compromise, and exfil.
- Excellent verbal communication skills, strong analytical and organizational skills. Strong analytical and problem solving skills a must.
- Ability to manage expectations for projects and programs in conjunction with the information security team
- Demonstrated initiative, dependability, and ability to work with little supervision
- Have or the ability to acquire a US government clearance a plus
- Travel (including international) is possible. Evening and weekend hours expected during incidents
At Thomson Reuters, we believe what we do matters. We are passionate about our work, inspired by the impact it has on our business and our customers. As a team, we believe in winning as one - collaborating to reach shared goals, and developing through challenging and meaningful experiences. With more than 45,000 employees in more than 100 countries, we work flexibly across boundaries and realize innovations that help shape industries around the world. Making this happen is a dynamic, evolving process, and we count on each employee to be a catalyst in driving our performance - and their own.
As a global business, we rely on diversity of culture and thought to deliver on our goals. To ensure we can do that, we seek talented, qualified employees in all our operations around the world regardless of race, color, sex/gender, including pregnancy, gender identity and expression, national origin, religion, sexual orientation, disability, age, marital status, citizen status, veteran status, or any other protected classification under country or local law. Thomson Reuters is proud to be an Equal Employment Opportunity/Affirmative Action Employer providing a drug-free workplace.
Intrigued by a challenge as large and fascinating as the world itself? Come join us.
To learn more about what we offer, please visit thomsonreuters.com/careers.
More information about Thomson Reuters can be found on thomsonreuters.com.