Manager, GSOC Cyber Signal Engineering - 100% US Remote

Allen, TX, United States

Full Time Senior-level / Expert USD 62K - 115K *


Experian is committed to helping you protect, understand, and improve your credit. Start with your free Experian credit report and FICO® score.

View company page

Company Description

Experian is the world’s leading global information services company, unlocking the power of data to create more opportunities for consumers, businesses and society. We are thrilled to share that FORTUNE has named Experian one of the 100 Best Companies to work for. In addition, for the last five years we’ve been name in the 100 “World’s Most Innovative Companies” by Forbes Magazine.

Experian is the world’s leading global information services company, unlocking the power of data to create more opportunities for consumers, businesses and society. We are thrilled to share that FORTUNE has named Experian one of the 100 Best Companies to work for. In addition, for the last five years we’ve been name in the 100 “World’s Most Innovative Companies” by Forbes Magazine.

Job Description

Global Security Operations Center’s mission is to protect the confidentiality, integrity, and availability of all Experian assets by executing and maintaining the incident response framework. The GSOC proactively and iteratively identify new attacks or attacks underway and then coordinate containment and remediation to minimize the impact as quickly as possible. The GSOC recognizes the importance of effective and efficient content to generate high fidelity alerts and investigations. The Cyber Signal Engineering Manager will be responsible for curating, prioritizing, and driving closure on all the GSOC content development tasks and use case requests based on the mission requirements and future initiatives.



·       Develop and mature a world class cyber threat content research and development team.

·       Support operational leadership tasking as it relates to content development functions and responsibilities.

·       Lead a highly skilled and motivated team of threat content developers

·       Manage and maintain operational content for global threat detection and liaison as the primary point of contact for the GSOC with security engineering and external stakeholders.

·       Performing activities within the use case life cycle and MITRE ATT&CK Framework prioritized by cyber threat intelligence and situational awareness.

·       Drive MITRE ATT&CK roadmap and threat informed use cases across all security tooling, and highlight required log sources for operationalizing rules

·       Stay on top of ongoing cyber threats and embed intelligence driven incident response by producing emerging content derived from IOCs and TTPs.

·       Drive research and development of use case creation and refinement of rules and logic within SIEM/UEBA/EDR platforms to improve GSOC efficiency and effectiveness.

·       Proactive housekeeping and documentation of associated use cases with consideration for revisions, decommissioning, and metrics and reporting.

·       Effectively collaborate with colleagues and the other security functions and product SMEs internally and externally to identify gaps within the existing analytical capabilities.

·       Acting as the liaison to fulfill audit, regulatory compliance as well as corporate security policy requirements.



Required Experience: 5 years’ experience in the following areas:

·       Working knowledge of SIEM technologies and an understanding of their underlying content and alerting logic

·       In-depth packet analysis skills, core forensic familiarity, strong incident handling/incident response/security analytics skills, and data fusion skills based on multiple security data sources

·       Defensive network infrastructure (operations or engineering)

·       Malware analysis concepts, techniques, and reverse engineering

·       In-depth knowledge of network and host security technologies and products (such as firewalls, network IDS, scanners) and continuously improve these skills

·       Deep understanding of security monitoring technologies, such as WAF, Web Proxies, UEBA, DLP, among others.

·       Extensive knowledge of MITRE ATT&CK framework and its uses.

Demonstrates behavioral skills, such as:

·       Demonstrated ability to work in a team environment, able to train and coach other team members

·       Excellent verbal and written communications skills and ability to produce clear and thorough security incident reports and briefings.

·       Strong logical thinking abilities, especially with content logic

·       Excellent analytical and problem-solving abilities

·       Excellent organizational and attention to details in tracking activities within various Security Operation workflows.

·       Well established client-focused communication skills that requires to read, review, investigate, and summarize reports on complex issues, in a manner that can be understood by non-technical readers.

·       Ability to lead content discussion around incident investigation efforts and effectively coordinate communications.


Desired Experience:

·       3+ years of information security related experience, in areas such as: security operations, incident analysis, incident handling, vulnerability management or testing, system patching, log analysis, intrusion detection, or security device administration.

·       Relevant technical and industry certifications are a plus, e.g., CompTIA, GIAC certifications, CISSP, OSCP, SIEM vendor-specific certifications.

·       A bachelor’s degree is not required, but a degree program with an emphasis on the technical aspects of cybersecurity is very beneficial.

Additional Information

All your information will be kept confidential according to EEO guidelines.

Experian is proud to be an Equal Opportunity and Affirmative Action employer. Our goal is to create a thriving, inclusive and diverse team where people love their work and love working together. We believe that diversity, equity and inclusion is essential to our purpose of creating a better tomorrow. We value the uniqueness of every individual and want you to bring your whole, authentic self to work. For us, this is The Power of YOU and and it reflects what we believe.  See our DEI work in action!

Please contact us at to request the salary range of this position (please include the exact Job Title as it reads above in your email). In addition to a competitive base salary and variable pay opportunity, Experian offers a comprehensive benefits package including health, life and disability insurance, generous paid time off including 12 company paid holidays and parental and family care leave, an employee stock purchase plan and a 401(k) plan with a company match.

Experian Careers - Creating a better tomorrow together

Find out what its like to work for Experian by clicking here

* Salary range is an estimate based on our salary survey 💰

Tags: Analytics CISSP Compliance CompTIA EDR Firewalls GIAC IDS Incident response Intrusion detection Log analysis Malware MITRE ATT&CK Monitoring OSCP Reverse engineering SIEM SOC Threat detection Threat intelligence TTPs Vulnerability management

Perks/benefits: 401(k) matching Competitive pay Equity Flex vacation Health care Insurance Parental leave

Regions: Remote/Anywhere North America
Country: United States
Job stats:  20  2  0
  • Share this job via
  • or

More jobs like this

Explore more InfoSec/Cybersecurity career opportunities

Find open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Analysis, Cryptography, Digital Forensics and Cyber Security in general, filtered by job title or popular skill, toolset and products used.