13 days ago
only 22 days until close

Senior Manager - Security - Threat and Vulnerability


Southwest Airlines
Location: Dallas, Texas
Job type: Contract/Locum
Contact: No Name
Category: Senior Manager

Overview:

We are committed to providing our Employees a stable work environment with equal opportunity for learning and personal growth. Creativity and innovation are encouraged for improving the effectiveness of Southwest Airlines. Above all, Employees will be provided the same concern, respect, and caring attitude within the organization that they are expected to share externally with every Southwest Customer.

Responsibilities:

 

 

WORK ACTIVITIES/CONTEXT:

 

People & Organizational Leadership:

  • Cultivate, support, and promote an organizational culture that provides for high performance, high morale, integrity, teamwork and work-life balance.
  • Lead, support, and influence the achievement of the mission, goals and objectives of the department and organization.
  • Participate fully in organizational processes / initiatives, i.e. performance management, interviewing, budgeting, training, etc.   
  • Lead the resolution of organization, team and individual issues, making appropriate decisions.
  • Recruit, develop, and retain individuals with skills, attitude, and experience necessary to enable the organization to meet commitments.
  • Provide continuous coaching to improve Team member and peer performance and business knowledge.
  • Develop and execute strategies and processes to improve performance and the value of products and services provided.
  • Lead cross-functional Teams to deliver solutions and services to meet enterprise needs.
  • Represent multiple teams and customers related to cross-department initiatives, meetings and decisions.
  • Promote and participate in the exchange of learning across the organization.
  • Pursue technical, functional and professional development opportunities with the company and industry.

Business Knowledge:

  • Possess a solid working knowledge of the business functions that align with assigned Team's responsibilities, and effectively apply that knowledge to provide solutions, support and services.

Functional / Technical Knowledge:

  • Provides Technical thought Leadership related to assigned functional areas.
  • Understands best practices, capabilities and constraints related to delivering technical solutions.
  • Specializes in delivering technology solutions using best practices to achieve maximum Team productivity while delivering high quality products.
  • Stays abreast of emerging trends, processes, and solutions related to assigned responsibilities.

Influencing & Relationship Building:

  • Builds strong, collaborative relationships & credibility with various Teams inside & outside of Technology.
  • Influences and drives change across respective Business and Technology functions.

Financial Accountability:

  • Effectively oversees fiduciary responsibilities.
  • Works with Technology and business partners to measure financial benefits and demonstrable business value. 

Must be able to meet any physical ability requirements listed on this description.

 

May perform other job duties as directed by Employee’s Leaders.

Qualifications:

BASIC QUALIFICATIONS:

 

High School Diploma, GED or equivalent education required. 

Must be at least 18 years of age. 

Must have authorization to work in the United States as defined by the Immigration Reform Act of 1986. 

EDUCATION: 

  • BS/MS or BA/MBA in Computer Science, Information Science, Information Systems, Information Security, Business and/or equivalent formal training or experience preferred.

WORK EXPERIENCE: 

  • At least 5 years work experience in a Threat Intelligence environment required.

  • At least 2 years of experience leading Threat Intelligence teams and providing work direction, required.

  • Certification in the Threat Intelligence landscape preferred.

  • Knowledge of best practices in Threat Intelligence and procedures preferred.

  • Experience in identifying new threat tactics, techniques, procedures, and signatures used by cyber threat actors required.

  • Experience in maintaining up-to-date awareness of computer network exploitation and attack tools and tradecraft, threats and vulnerabilities, and respective countermeasures required.
  • Experience in participating in red teaming, war-gaming, and/or exercise development and execution as requested required. 
  • Experience in the triage and in leading escalated Security events and incidents required.
  • Experience in investigating network anomalies and other cyber security events to determine the cause and extent of exposure and overall risk to the environment required.
  • Familiarity with current and proposed laws, regulations, industry standards, and ethical requirements related to information security and privacy required.
  • Experience with security event monitoring, incident response, security architecture and engineering, independent verification and validation of information technology and security infrastructures, compliance and policy practices, system audits, and risk assessments required.

SKILLS/ABILITIES/KNOWLEDGE/WORK STYLE:  

 

Core Knowledge:

  • Leadership experience and knowledge in the domains of threat intelligence, computer security incident response, and security operations

  • Experience engaging and interacting with Information Sharing and Analysis Centers (ISACs)

  • Effectively communicate subject matter expertise for threat content to various internal stakeholders

  • Contribute to the identification of process inefficiencies and improvements of threat intelligence services, methodologies, and various tools through variable length projects and programs

  • Ownership and maintenance of a computer security incident response plan, inclusive of organizing table top/war game exercises multiple times per year that incorporates recommendations into the improvement of the computer security incident response plan

  • Possess a functional understanding of log and monitoring management systems, security event monitoring systems, network-based and host-based intrusion detection systems, firewall technologies, malware detection and enterprise-level antivirus solutions/systems, VPN technologies and encryption standards

  • Experience with managing and ensuring the timely response and investigations of security events and incidents by the security operations center

  • Experience with creating and maintaining shift schedules to ensure 24x7 coverage engagement with the security operations center

  • Experience with developing, implementing and overseeing SOC standard operating procedures used to guide daily activities of the security operations center

  • The ability to strategically and tactically organize and motivate a team on the delivery of:

  • Knowledge of vulnerabilities, exploits, and malware to deliver research, documentation, and threat information deliverables

  • Understand the countermeasure creation process to draw conclusions into well-formatted technical write-ups

  • Monitoring for emerging vulnerabilities impacting resources used within the company

  • Track attack vectors used by Threat Actors and evaluate the effectiveness of existing controls

  • Support the threat and vulnerability assessment process to ensure proper prioritization of remediation efforts

  • Identify new threat tactics, techniques, procedures, and signatures used by cyber threat actors

  • Review available intelligence feeds and generate indicators of compromise in support of our security monitoring tools

  • Develop a working understanding of threat actor threat capabilities and intentions

  • Maintain up-to-date awareness of computer network exploitation and attack tools and tradecraft, threats and vulnerabilities, and respective countermeasures

  • Participate in trend/correlation analysis and scenario forecasting at both the tactical and strategic level

  • Participate in red teaming, war-gaming, and/or exercise development and execution as requested.

  • Respond to ad hoc requests for information from internal staff

  • Assign work to team members, ensure incident procedures address the objectives of the security incident response program, and review required documentation for adherence to the department standards and process

  • Triage and lead escalated Security events and incidents

  • Effectively respond to case work relating to computer security vulnerabilities, phishing, malware, and forensic investigations

  • Lead and manage security incidents to ensure timely mitigation and remediation efforts are completed

  • Investigate network anomalies and other cyber security events to determine the cause and extent of exposure and overall risk to the environment

  • Preserve, harvest, and process electronic data according to company policies and regulatory requirements

  • Participate in forensic investigations as required, to include the collection, preservation of electronic evidence, analysis, and creation of a final report

  • Preserve and forensically analyze data from electronic data sources, including laptop and desktop computers, servers, and mobile devices

  • Be familiar with current and proposed laws, regulations, industry standards, and ethical requirements related to information security and privacy

  • Security event monitoring, incident response, security architecture and engineering, independent verification and validation of information technology and security infrastructures, compliance and policy practices, system audits, and risk assessments

  • General knowledge of business/Leadership principles, including planning, organizing, directing, developing, and supervising

  • General knowledge of personnel practices and regulations.

  • General knowledge of software development practices, concepts, methodologies, tools and trends

  • Proficient knowledge of project management methodologies

Critical Skills:

  • Excellent partnering, negotiation and communication skills in order to facilitate interactions with business Customers and technology teams.

  • Provides tactical leadership for Team(s)

  • Uses appropriate motivation and influence techniques to achieve desired Team results.

  • Sets and manages stakeholder expectations.

  • Delivers quality projects on time and within budget.

  • Manages projects using the organization's project management methodology. 

OTHER QUALIFICATIONS:

 

Must maintain a well-groomed appearance per Company appearance standards as described in established guidelines.

 

Southwest Airlines is an Equal Opportunity Employer.
