We are committed to provide our Employees a stable work environment with equal opportunity for learning and personal growth. Creativity and innovation are encouraged for improving the effectiveness of Southwest Airlines. Above all, Employees will be provided the same concern, respect, and caring attitude within the organization that they are expected to share externally with every Southwest Customer.
People & Organizational Leadership:
Functional / Technical Knowledge:
Influencing & Relationship Building:
Must be able to meet any physical ability requirements listed on this description.
May perform other job duties as directed by Employee’s Leaders.
High School Diploma, GED or equivalent education required.
Must be at least 18 years of age.
Must have authorization to work in the United States as defined by the Immigration Reform Act of 1986.
At least 5 years work experience in a Threat Intelligence environment required.
At least 2 years of experience leading Threat Intelligence teams and providing work direction, required.
Certification in the Threat Intelligence landscape preferred.
Knowledge or best practice in Threat Intelligence and procedures preferred.
Experience in identifying new threat tactics, techniques, procedures, and signatures used by cyber threat actors required.
Leadership experience and knowledge in the domains of threat intelligence, computer security incident response, and security operations
Experience engaging and interacting with Information Sharing and Analysis Centers (ISACs)
Effectively communicate subject matter expertise for threat content to various internal stakeholders
Contribute to the identification of process inefficiencies and improvements of threat intelligence services, methodologies, and various tools through variable length projects and programs
Ownership and maintenance of a computer security incident response plan, inclusive of organizing table top/war game exercises multiple times per year that incorporates recommendations into the improvement of the computer security incident response plan
Possess a functional understanding of log and monitoring management systems, security event monitoring systems, network-based and host-based intrusion detection systems, firewall technologies, malware detection and enterprise-level antivirus solutions/systems, VPN technologies and encryption standards
Experience with managing and ensuring the timely response and investigations of security events and incidents by the security operations center
Experience with creating and maintaining shift schedules to ensure 24x7 coverage engagement with the security operations center
Experience with developing, implementing and overseeing SOC standard operating procedures used to guide daily activities of the security operations center
The ability to strategically and tactically organize and motivate a team on the delivery of:
Knowledge of vulnerabilities, exploits, and malware to deliver research, documentation, and threat information deliverables
Understand the countermeasure creation process to draw conclusions into well-formatted technical write-ups
Monitoring for emerging vulnerabilities impacting resources used within the company
Track attack vectors used by Threat Actors and evaluate the effectiveness of existing controls
Support the threat and vulnerability assessment process to ensure proper prioritization of remediation efforts
Identify new threat tactics, techniques, procedures, and signatures used by cyber threat actors
Review available intelligence feeds and generate indicators of compromise in support of our security monitoring tools
Develop a working understanding of threat actor threat capabilities and intentions
Maintain up-to-date awareness of computer network exploitation and attack tools and tradecraft, threats and vulnerabilities, and respective countermeasures
Participate in trend/correlation analysis and scenario forecasting at both the tactical and strategic level
Participate in red teaming, war-gaming, and/or exercise development and execution as requested.
Respond to ad hoc requests for information from internal staff
Assign work to team members, ensure incident procedures address the objectives of the security incident response program, and review required documentation for adherence to the department standards and process
Triage and lead escalated Security events and incidents
Effectively respond to case work relating to computer security vulnerabilities, phishing, malware, and forensic investigations
Lead and manage security incidents to ensure timely mitigation and remediation efforts are completed
Investigate network anomalies and other cyber security events to determine the cause and extent of exposure and overall risk to the environment
Preserve, harvest, and process electronic data according to company policies and regulatory requirements
Participate in forensic investigations as required, to include the collection, preservation of electronic evidence, analysis, and creation of a final report
Preserve and forensically analyze data from electronic data sources, including laptop and desktop computers, servers, and mobile devices
Be familiar with current and proposed laws, regulations, industry standards, and ethical requirements related to information security and privacy
Security event monitoring, incident response, security architecture and engineering, independent verification and validation of information technology and security infrastructures, compliance and policy practices, system audits, and risk assessments
General knowledge of business/Leadership principles, including planning, organizing, directing, developing, and supervising
General knowledge of personnel practices and regulations.
General knowledge of software development practices, concepts, methodologies, tools and trends
Proficient knowledge of project management methodologies
Excellent partnering, negotiation and communication skills in order to facilitate interactions with business Customers and technology teams.
Provides tactical leadership for Team(s)
Uses appropriate motivation and influence techniques to achieve desired Team results.
Sets and manages stakeholder expectations.
Delivers quality projects on time and within budget.
Manages projects using the organization's project management methodology.
Must maintain a well-groomed appearance per Company appearance standards as described in established guidelines.
Southwest Airlines is an Equal Opportunity Employer.