Threat Detection Lead, Security Operations (US Remote)

United States

Experian


Company Description

Experian is a global data and technology company, powering opportunities for people and businesses around the world. We help to redefine lending practices, uncover and prevent fraud, simplify healthcare, create marketing solutions, and gain deeper insights into the automotive market, all using our unique combination of data, analytics and software. We also assist millions of people to realise their financial goals and help them save time and money.

We operate across a range of markets, from financial services to healthcare, automotive, agribusiness, insurance, and many more industry segments.

We invest in people and new advanced technologies to unlock the power of data. As a FTSE 100 Index company listed on the London Stock Exchange (EXPN), we have a team of 22,500 people across 32 countries. Our corporate headquarters are in Dublin, Ireland. Learn more at experianplc.com

Job Description

The Threat Detection Lead, Security Operations is an essential part of Experian's Cyber Fusion Center (CFC). The first assessment of security incidents is conducted by Level 1 Analysts, who escalate cases to the Lead when necessary; the Lead then performs a more in-depth analysis and further evaluation of network security threat activities. The Lead also supports the development of new analytic methods and content, conducts impact analysis, and proposes remediation actions.

What you'll be doing

  • Provide leadership to level 1 analysts, including feedback on quality of work, driving case quality
  • Collaborate with external teams for incident resolution and escalations, ensuring questions from Experian users are answered promptly
  • Support the strategic plans and projects that drive the overall Information Security goals
  • Track tactical issues in the execution of CFC responsibilities and report to management any issues that could affect the CFC
  • Provide recommendations for security tools resulting in increased security posture or fidelity rate efficiency
  • Author and maintain Standard Operating Procedures (SOPs) and training documentation to include improvements and evergreen process
  • Assist management with responding to audit questions by providing evidence of processes and procedures
  • Assist the Cyber Threat Intelligence (CTI) and content development teams on use case development by suggesting enhancements or new use cases to improve the security posture of Experian
  • Participate in proof-of-concept projects with the security engineering team to ensure the CFC is adequately represented
  • Respond to and support the Tier 1 team; perform in-depth analysis on escalated events, provide severity rating, initiate the major incident response process as needed, and document actions taken. Explain the event's history, status, and potential impact for further action following our cyber incident response plan
  • Coordinate with enterprise-wide cyber defense staff to validate security control alerts
  • Perform cyber defense trend analysis and reporting
  • Plan and recommend modifications or adjustments based on exercise results or system environment
  • Provide cybersecurity recommendations to leadership based on threats and vulnerabilities
  • Monitor the environment longitudinally for long-term pattern detection
  • Organize quarterly tabletop exercises with the team
  • Review, approve, and share new content information within SLAs
  • Maintain scheduling and shifts to ensure 24x7x365 coverage

Qualifications

What your background looks like

  • 5+ years' experience in threat detection or security operations and response roles
  • Demonstrate expert technical skills that are needed to defend the enterprise environment, such as:
    • In-depth packet analysis skills, core forensic familiarity, incident response skills, and data fusion skills based on multiple security data sources
    • Scripting and automation
    • System administration on Unix, Linux, or Windows
    • Network forensics, logging, and event management
    • Defensive network infrastructure (operations or engineering)
    • Vulnerability assessment and penetration testing concepts
    • Malware analysis concepts, techniques, and reverse engineering
  • In-depth knowledge of network and host security technologies and products (such as firewalls, network IDS, scanners)
  • Security monitoring technologies, such as SIEM, IPS/IDS, UEBA, DLP, among others
  • Demonstrated ability to work in a team environment and able to train and coach other team members
  • Excellent verbal and written communication skills and ability to produce security incident reports and briefings for both technical and non-technical audiences
  • Able to work on a 12x7 shift rotating schedule
  • Relevant technical and industry certifications are a plus, e.g. CompTIA, GIAC certifications, CISSP, OSCP, or SIEM vendor-specific certifications

Perks

  • 20 days of vacation accrued annually, five sick days, and two volunteer days (plus twelve paid holidays)
  • Great compensation package and comprehensive benefits package, with a bonus target of 15%
  • This role can be 100% remote long-term, or you can work out of one of our offices
  • People-focused culture where personal and professional growth is prioritized
  • Recognition and celebration of performance and achievements
  • Power to bring your whole self to work – where your differences and values will be respected and celebrated
  • Employee Resource Groups set up and run by employees, for employees. These networks build, celebrate, and further understanding of the diverse identity and experiences within Experian, in support of our commitment to diversity and inclusion
  • International network of peers; mentorship programs

Additional Information

Our uniqueness is that we celebrate yours. Experian's culture and people are important differentiators. We take our people agenda very seriously and focus on what matters: DEI, work/life balance, development, authenticity, engagement, collaboration, wellness, reward & recognition, volunteering... the list goes on. Experian's people-first approach is award-winning: Great Place To Work™ in 24 countries, FORTUNE Best Companies to work and Glassdoor Best Places to Work (globally 4.4 Stars), to name a few. Check out Experian Life on social or our Careers Site to understand why.

Experian is proud to be an Equal Opportunity and Affirmative Action employer. Innovation is an important part of Experian's DNA and practices, and our diverse workforce drives our success. Everyone can succeed at Experian and bring their whole self to work, irrespective of their gender, ethnicity, religion, colour, sexuality, physical ability or age. If you have a disability or special need that requires accommodation, please let us know at the earliest opportunity.


Tags: Analytics Automation CISSP CompTIA Cyber defense Firewalls Forensics GIAC IDS Incident response IPS Linux Malware Monitoring Network security OSCP Pentesting Reverse engineering Scripting SIEM SLAs Threat detection Threat intelligence UNIX Vulnerabilities Windows

Perks/benefits: Career development Equity / stock options Insurance Salary bonus Team events Wellness

Regions: Remote/Anywhere North America
Country: United States
