Threat Detection Lead, Security Operations (US Remote)
United States
Experian
Company Description
Experian is a global data and technology company, powering opportunities for people and businesses around the world. We help to redefine lending practices, uncover and prevent fraud, simplify healthcare, create marketing solutions, and gain deeper insights into the automotive market, all using our unique combination of data, analytics and software. We also assist millions of people to realise their financial goals and help them save time and money.
We operate across a range of markets, from financial services to healthcare, automotive, agribusiness, insurance, and many more industry segments.
We invest in people and new advanced technologies to unlock the power of data. As a FTSE 100 Index company listed on the London Stock Exchange (EXPN), we have a team of 22,500 people across 32 countries. Our corporate headquarters are in Dublin, Ireland. Learn more at experianplc.com
Job Description
The Threat Detection Lead, Security Operations is an essential part of Experian's Cyber Fusion Center (CFC). The first assessment of a security incident is conducted by Level 1 Analysts, who escalate the case to the Lead when necessary; the Lead then performs a more in-depth analysis and further evaluation of network security threat activity. The Lead also supports the development of new analytic methods and detection content, conducts impact analysis, and proposes remediation actions.
What you'll be doing
- Provide leadership to Level 1 analysts, including feedback on the quality of their work, and drive overall case quality
- Collaborate with external teams for incident resolution and escalations, ensuring questions from Experian users are answered promptly
- Support the strategic plans and projects that drive the overall Information Security goals
- Track tactical issues in the execution of CFC responsibilities and report to management any issues that could affect the CFC
- Provide recommendations on security tooling that improve security posture or alert fidelity and analyst efficiency
- Author and maintain Standard Operating Procedures (SOPs) and training documentation, incorporating improvements and keeping the processes evergreen
- Assist management with responding to audit questions by providing evidence of processes and procedures
- Assist the Cyber Threat Intelligence (CTI) and content development teams on use case development by suggesting enhancements or new use cases to improve the security posture of Experian
- Participate in proof-of-concept projects with the security engineering team to ensure the CFC is adequately represented
- Respond to and support the Tier 1 team: perform in-depth analysis on escalated events, assign a severity rating, initiate the major incident response process as needed, and document actions taken. Explain the event's history, status, and potential impact for further action in accordance with our cyber incident response plan
- Coordinate with enterprise-wide cyber defense staff to validate security control alerts
- Perform cyber defense trend analysis and reporting
- Plan and recommend modifications or adjustments based on exercise results or system environment
- Provide cybersecurity recommendations to leadership based on threats and vulnerabilities
- Monitor the environment longitudinally for long-term pattern detection
- Organize quarterly tabletop exercises with the team
- Review, approve, and share new content information within SLAs
- Maintain scheduling and shifts to ensure 24x7x365 coverage
Qualifications
What your background looks like
- 5+ years' experience in threat detection or security operations and response roles
- Demonstrated expert technical skills needed to defend the enterprise environment, such as:
  - In-depth packet analysis skills, core forensic familiarity, incident response skills, and data fusion skills across multiple security data sources
  - Scripting and automation
  - System administration on Unix, Linux, or Windows
  - Network forensics, logging, and event management
  - Defensive network infrastructure (operations or engineering)
  - Vulnerability assessment and penetration testing concepts
  - Malware analysis concepts, techniques, and reverse engineering
  - In-depth knowledge of network and host security technologies and products (such as firewalls, network IDS, scanners)
  - Security monitoring technologies, such as SIEM, IPS/IDS, UEBA, DLP, among others
- Demonstrated ability to work in a team environment and able to train and coach other team members
- Excellent verbal and written communications skills and ability to produce security incident reports and briefings to both technical and non-technical audiences
- Able to work on a 12x7 shift rotating schedule
- Relevant technical and industry certifications are a plus, e.g. CompTIA, GIAC certifications, CISSP, OSCP, or SIEM vendor-specific certifications
Perks
- 20 days of vacation accrued annually, five sick days, and two volunteer days (plus twelve paid holidays)
- Great compensation package and comprehensive benefits package, with a bonus target of 15%
- This role can be 100% remote long-term, or you can work out of one of our offices
- People-focused culture where personal and professional growth is prioritized
- Recognition and celebration of performance and achievements
- Power to bring your whole self to work – where your differences and values will be respected and celebrated
- Employee Resource Groups set up and run by employees, for employees. These networks build, celebrate, and further understanding of the diverse identity and experiences within Experian, in support of our commitment to diversity and inclusion
- International network of peers; mentorship programs
Additional Information
Our uniqueness is that we celebrate yours. Experian's culture and people are important differentiators. We take our people agenda very seriously and focus on what matters; DEI, work/life balance, development, authenticity, engagement, collaboration, wellness, reward & recognition, volunteering... the list goes on. Experian's people first approach is award-winning; Great Place To Work™ in 24 countries, FORTUNE Best Companies to work and Glassdoor Best Places to Work (globally 4.4 Stars) to name a few. Check out Experian Life on social or our Careers Site to understand why.
Experian is proud to be an Equal Opportunity and Affirmative Action employer. Innovation is an important part of Experian's DNA and practices, and our diverse workforce drives our success. Everyone can succeed at Experian and bring their whole self to work, irrespective of their gender, ethnicity, religion, colour, sexuality, physical ability or age. If you have a disability or special need that requires accommodation, please let us know at the earliest opportunity.