Director of Incident Response Threat Vulnerability Management

Telecommuter

Applications have closed

Planned Parenthood

Planned Parenthood Federation of America is a nonprofit organization that provides sexual health care in the United States and globally.

View company page

Planned Parenthood Federation of America (PPFA) is the national umbrella organization for the nation’s leading network of women’s health care providers, educators, and advocates, serving women, men, teens and families. Planned Parenthood Action Fund (PPAF) is the advocacy and political arm of PPFA. For over 100 years, Planned Parenthood has done more than any other organization in the United States to improve women’s health and safety, prevent unintended pregnancies, and advance the right and ability of individuals and families to make informed and responsible health care decisions.  
Planned Parenthood Federation of America (PPFA) seeks a dynamic and effective Director of Incident Response (IR) Threat Vulnerability Management for working within the InfoSec Operations group. This job reports directly to the Sr. Director, InfoSec Operations in the Information Security division of PPFA. PPFA Information Security provides the strategy and implementation of the information security program that safeguards the data entrusted to Planned Parenthood by its patients, supporters, donors and staff. 

Purpose

  • The Director of Incident Response Threat Vulnerability Management will be responsible for building and maintaining a fully mature enterprise-wide Vulnerability, Incident Response and Cyber Threat Management program. This role is challenged with the responsibility of identifying, triaging, filtering, and documenting vulnerabilities and threats across the enterprise and working with business unit partners to harmoniously resolve security matters. In addition, this role will be responsible for the continued production, support, implementation, and tracking of vulnerability management, penetration testing activity, and threat management workflows. The chosen candidate for this role will also be tasked with responding, if necessary, to events/incidents on a 24x7 basis.
  • This position will also have operational responsibility in the disciplines of incident response while advancing the program development of key risk and performance indicators in support of compliance metric tracking and reporting procedures. You are ultimately responsible for incident response leadership and coordination for product and enterprise cyber security incidents. You will be building, augmenting, and integrating threat detection and remediation capabilities into security operations to address emergent cyber threats to PPFA products, services, data, and infrastructure.
  • The Director of Incident Response Threat Vulnerability Management will work within a multi-disciplined Information Security team. The Director is expected to have a thorough understanding of complex systems and stay up-to-date with the latest security standards, products, and knowledge of the evolving threat landscape. The Director is also responsible for fostering trusted partnerships and relationships with the PPFA business application owners

Delivery and Engagement

  • You have extensive experience collaborating with the external security research community and cultivating durable relationships with external agencies and companies to produce a pipeline of high-quality threat intelligence.
  • You identify anomalies or patterns in vulnerability scans, penetration tests, and logging and event management results that may indicate pre-incident indicators, ineffective processes, procedures, standards and recommend and communicate findings, both in written reports and in presentation format, to the Information Security Team and business unit partners
  • You ensure the development of robust alerting and reporting mechanisms to potential cyber threats and will oversee and augment product and enterprise security response operations.
  • You ensure consistent evaluation of scan results identifying immediate threats, assessment of risk and corrective actions for a large volume of assets using an established information security assessment methodology.
  • You drive key findings and root cause analysis improvements with key senior leadership across the company.
  • You brief executive leaders on potential emergent threats and ongoing efforts to resolve active cyber security incidents and investigations.
  • You develop strategies for long term integration and reporting of threats and IoC’s from multiple attack surfaces, such as but not limited to: user behavior, identity abuse, malware, external threat actors, data leakage, and data abuse.
  • You coach and mentor teams across functions in effectively running incident response tabletop exercises, mock drills, and other readiness activities.
  • You partner with vendors and service providers to orchestrate penetration testing, red teaming, and organize deception use cases for continuous strengthening of posture.
  • You work with executives across department lines in developing product vulnerability remediation and incident response.
  • You mature and continuously benchmark the PPFA incident response playbook and serve as the principal liaison with vendor partners, Affiliate IT Leadership, and closely partner with GSS, OGC, Communications, and business functions.

Knowledge, Skills, and Abilities (KSAs): : Reporting to the Sr. Director InfoSec Operations, these are the traits that mark a strong candidate as part of our InfoSec Operations leadership team.

  • Bachelor's degree from an accredited college/university or equivalent experience; CISSP, CEH, CPT, CISM, CISA, CIPP, GIAC, GSEC, and/or GCFW certification is preferred
  • 7 years of work experience in leading threat detection, incident response, digital forensics, and vulnerability mitigation in an Information Security Operations capacity or in a related field such as IT/network incident response and vulnerability remediation.
  • Experience with security incident response of broad-based cyber threats to included but not limited to a firm understanding of digital forensics and the industry best practices for Incident Response and Executive reporting for lessons learned.
  • Drive to learn new things about vulnerability management, exploits, hacker techniques, and overall security operations.
  • Experience coordinating security incident meetings, dividing responsibilities, and influencing key stakeholders to resolve security incidents.
  • Extensive experience and strong understanding of multiple forms of Indicators of Compromise (IoCs) and corresponding capabilities to detect, alert on them, and share information across business partners.
  • Extensive experience with Security Response frameworks and organizational models.
  • Extensive experience with Annual Threat Assessment and Control Gap Analysis.
  • Extensive experience with building and reporting on Key Performance Indicators (KPI), Key Risk Indicators (KRI) and establishing thresholds with corrective actions.
  • Exceptional knowledge of the external security community’s culture and mindset.
  • Excellent relationship building skills across diverse cross-functional teams.
  • Exceptional written/oral communication skills. 

Travel

  • Telecommute with 10% travel for conferences and annual team meetings 
Starting salary: $155K
#LI-SY1

Final offers for this job will be based on capabilities and will be made within the parameters of the PPFA compensation program. Total offer package to include generous vacation + sick leave + paid holidays, individual/family provided medical, dental and vision benefits effective day 1, life insurance, short/long term disability, paid family leave and 401k. We also offer voluntary opt in for Flexible Spending Account (FSA) and Transportation/Commuter accounts.   
We value a truly diverse workforce and a culture of inclusivity and belonging. Our goal is to attract qualified candidates and encourage applications from all individuals without regard to race, color, religion, sex, national origin, age, disability, veteran status, marital status, sexual orientation, gender identity, or any other characteristic protected by applicable law.  We're committed to creating a dynamic work environment that values diversity and inclusion, respect and integrity, customer focus, and innovation.
PPFA participates in the E-Verify program and is an Equal Opportunity Employer
#LI-SY1*PDN-HR
If denoted as NYC, DC, or both, this position is usually located in our New York City or DC office, but is remote while offices remain closed due to the COVID-19 pandemic.

Tags: CEH CIPP CISA CISM CISSP Compliance Exploits Forensics GIAC GSEC Incident response Malware Pentesting Security assessment Strategy Threat detection Threat intelligence Vulnerabilities Vulnerability management Vulnerability scans

Perks/benefits: Conferences Flex hours Flexible spending account Flex vacation Health care Insurance Medical leave Team events

Region: Remote/Anywhere
Job stats:  13  3  0

More jobs like this

Explore more InfoSec / Cybersecurity career opportunities

Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.