Managing Director, Information Security
ALASKA AIRLINES' STORY
Alaska Airlines is one of the most respected names in aviation and flies throughout its namesake state and the Lower 48, as well as to Hawaii, Canada, Mexico, Costa Rica and Cuba. Our roots date to 1932 and are symbolized by the Alaska Native painted on the tails of our aircraft. Guided by what we call the "Alaska Spirit", we pride ourselves on providing a lifeline to remote communities while delivering renowned service to everyone we fly. This commitment has brought us national and international recognition. We've been honored with a variety of awards by readers of Travel + Leisure, Conde Nast Traveler, USA Today and others. Alaska, with Virgin America, is the premier airline for people on the West Coast, and together with its sister carrier Horizon Air, flies to more than 118 destinations. The two airlines are subsidiaries of Alaska Air Group Inc. (NYSE:ALK) with annual revenues exceeding $7 billion.
The Manager Information Security Threat Defense performs the ongoing development, delivery, and communication of a comprehensive threat defense strategy and roadmap to continuously improve the Alaska Air Group's (AAG's) overall security posture and defense capability.
Scope & Complexity
- This position manages information security threat defense activities for Alaska Air Group (AAG) and its subsidiaries.
- Performs ongoing development, delivery, and communication of a comprehensive threat defense strategy and roadmap to continuously improve the AAG's overall security posture and defense capability.
- Provides vision, direction, and guidance on solutions to technical and complex challenges.
- Leverages deep knowledge of the information security discipline and executes strategy/tactics to deliver desired results.
- Drives budget decisions by maintaining an appropriate technology lifecycle and replacement strategy, processing timely renewals, and managing expenditures to budget.
- Ensures projects are delivered on time, within budget, and meet customer and technical expectations.
- Makes strategic security decisions by leveraging a strong understanding of the business impact of security tools, technologies, settings, and policies.
- Manages the effective use of internal and multiple external team resources and participate in the consultation with various teams for the implementation of technical and administrative changes.
- Actively participates on the IT leadership team.
- Develops, implements, and directs:
- AAG's information security risk assessment program, tailored to specific needs and requirements including presentation of results to leadership and stakeholders.
- Threat exposure management services, including responsibility for threat assessment & defense, and collaborated with stakeholders to facilitate remediation and response.
- Leads the technical response to security incidents and coordinates among internal support teams and external managed security services providers to drive incident resolution.
- Manages and directs the 24 X 7 security monitoring, analysis, response and operations.
- Manages the relationship with internal/external security service providers that support Threat Defense functions.
- Leads the Threat Defense team through coaching, counseling, and development of team members.
- Develops and maintains operating procedures to ensure the team operates in a consistent and cost effective manner.
- Provides after hours, on-call support when critical problems/issues arise.
- Maintains awareness of evolving security threats.
- Performs other duties as assigned.
- A minimum 10 years of IT experience.
- A minimum 8 years of IT security experience within the last ten years.
- A minimum 4 years leading an IT team.
- Experience working with managed security services providers.
- Experience and comprehensive knowledge of vulnerability management, risk assessment, security analysis, security event management, incident response, and forensics.
- Experience with security information and event management (SIEMs), firewalls, data leakage protection, application content filtering, web content filtering, host-based intrusion detection/prevention, network-based intrusion detection/prevention, file integrity monitoring, end point security management, and other security solutions, appliances, and tools.
- Experience with networking protocols (e.g., network, endpoint and cloud security best practices, including computer network defense, attack, and technical intrusion analysis techniques, project management, and security architecture).
- Ability to recognize and build talent effectively.
- Ability to react quickly, decisively, and deliberately in high stress situations.
- Strong communication skills (e.g., verbal, written, and interpersonal) to document and communicate findings, escalate critical incidents, and interact with other teams.
- Highly motivated with the ability to self-start, prioritize, multi-task, and work in a team setting.
- Minimum age of 18.
- Must be authorized to work in the U.S.
Job-Specific Leadership Expectations
- Embody our values to own safety, do the right thing, be kind-hearted, deliver performance, and be remarkable.
- High school diploma or equivalent is required.
- A Bachelor of Arts or a Bachelor of Science degree, with a specialization in information security, computer science or a related discipline, is required.
- Industry recognized professional security certification (e.g., CISSP, GCIH, GCIA, or CRISC) is preferred.
The location for this position is in Seattle, Washington
OUR CULTURE - ALASKA AIRLINES
For eligible employees, our company offers a unique total rewards package that few companies can match, including insurance coverage for medical, dental and vision care, 401(k) retirement savings plans, monthly and annual incentive bonus plans, time off and a generous employee travel program. Each day, we are guided by our core values of Professionalism, Caring, Resourcefulness, Integrity and Alaska Spirit at work and in our communities. Alaska Airlines also fosters a diverse and inclusive culture and is an Equal Opportunity Employer.
A few helpful tips when applying -
~Before applying, we recommend that you clear your browsing history including your temporary internet files and disable pop-up blockers. You can accomplish this by going to the Tools tab.
~Gather your paperwork, including your work history (we require 10 years of work history to be added to the application), resume etc. - before you apply to the position.
~ If you would like to include a cover letter, add it as your first page to your resume. Your resume is part of your application and unique to each position you apply to..
~Once in the application, be sure to use the links provided to return to the previous page if needed. The back button is not compatible with our system.