Discovery Inc is the world’s #1 pay-TV programmer reaching 2.7 billion subscribers in more than 220 countries and territories. Global Technology & Operations provides technological infrastructure and operations support to ensure audiences can enjoy Discovery's programming around the world and across platforms. Already a leader in the factual and lifestyle genres, Discovery has expanded its core business into new genres: sports, entertainment and kids. Its platforms and product eco-systems are now engaged in terrestrial/free-to-air, OTT products and content development/production companies.
The Security Operations Center Manager role requires strong leadership, technical knowledge, and prior management/team lead experience in a SOC using a wide variety of security tools for monitoring a large-scale enterprise environment. The position is expected to cover a 24x7 global Operations.
This role requires a highly motivated manager who possesses a strong leadership background and the ability to manage a diverse team of Security Analysts and interact with other teams regularly. This individual must be able to engage as required (including holidays and weekends) to assemble his / her team to act as a tactical team at time of major incident. This role requires the manager to provide appropriate updates to his/her management regarding security event handling, trends, analysis, incident response resolutions and lessons learned.
The successful candidate must be able to demonstrate the proper knowledge and leadership skills to support the role. Most importantly this individual must have very good communication skills, including the ability to write and verbally articulate industry terminology to successfully brief management staff. To best perform this role, the candidate must be up to date on current vulnerabilities, attacks, and countermeasures, along with all security-related news and developments. The ideal candidate will be a technically experienced and an innovative security professional who has the ability and experience to lead a team of security professionals and execute broad security goals within a global team.
This position can be based in Sterling, VA or Knoxville, TN.
1. Work closely with Security Leadership to identify and implement process changes, improvements, and efficiencies to ensure solid security practices.
2. Lead the team by providing direction and guidance to team members in handling issues
3. Document changes and exceptions to the configuration of the security systems
4. Follow the defined standard operating procedures related to the security systems (e.g. change management, etc.)
5. Identify malicious or anomalous activity based on event data from firewalls, WAF, IPS, and other sources.
6. Work with other teams to identify, resolve, and mitigate vulnerabilities in their systems.
7. Perform analysis of log files and data outputs. Perform triage of incoming issues using a ticket tracking system.
8. Provide tuning recommendations of security tools based on traffic patterns.
9. Produce and review daily and weekly metrics for security events.
10. Create wiki articles to document incident handling and investigation procedures.
11. Stay up-to-date with trends in the information security community including new vulnerabilities, methodologies, and products.
12. Perform tech talks and other awareness campaigns to spread security knowledge throughout Indeed.
13. Other tasks as assigned
14. Subject Matter Expert-level skills in Incident Response and IDS/IPS Monitoring, Forensics, Malware Analysis
* 4+ Years in the security field or management equivalent
* Bachelors’ degree preferred, 5 years equivalent experience without degree, or associates and 2 years in field
* Certifications: CISSP, CSA, GISF, GSEC, GMON, Security +, CEH, GCIA, CCNA
* Understanding of and able to reference NIST framework, CSC framework, CSF framework, ITIL, COBIT, PCI, HIPAA, SOX and ISO 2700x.
* Experience with the selection, implementation, and management of enterprise security technologies, including SIEM, anti-virus, EDR, DLP, IDS/ IPS, vulnerability scanners, configuration management, and encryption
* Experience with leading the development, implementation, and management of processes that ensure security countermeasures and monitoring are effective and sustained on all applicable systems.
* Experience with leading the development, implementation, and management of incident response plans and response activities.
* Ability to independently complete tasks and projects, quickly and accurately, with minimum supervision.
* Candidate must be able to engage at any time to respond to an incident.
* This position is considered an essential position. This means that during times of inclement weather, emergencies, or when access to the workplace may be impeded, that employees in this position are expected to report to work to support business continuance, unless otherwise instructed by his/her direct manager.
* Must have the legal right to work in the United States
Sterling, Virginia, VA, Knoxville, Tennessee, KX, TN