Manager of Cyber Threat Hunting & Pen Testing
Hotel brand: IHG Corporate
Hotel: Corp Atlanta Ravinia (ATLR3)
Job number: R184505
Bringing True Hospitality to the world.
We want to welcome you to a world of bringing True Hospitality to everyone. When you join us at IHG®, you become part of our global family. A welcoming culture of warmth, honesty, and a passion for providing True Hospitality.
We pride ourselves on letting your personality and passions shine, recognizing the individual contribution you make and supporting your ambition to learn and create your own career path. In making a difference to our guests and owners, colleagues and communities, every day is a chance to create great and unique experiences, in your own way.
With over 370,000 colleagues in nearly 100 countries sharing our values, there are countless opportunities at your fingertips.
We’re growing; grow with us.
Your day to day
Purpose of the role: The Manager of Threat Hunting and Pen Testing is responsible for building out and executing the frameworks around conducting analysis, providing assessments of known threats and vulnerabilities discovered, and identifying policy violations to ensure early and accurate detection, response, containment and recovery from threats directed against IHG.
· Lead IHG’s Threat Hunting and Pen Test program
· Build on and improve logging and monitoring infrastructure in collaboration with Infrastructure Security, Engineering, and Operations teams
· Own and lead security incidents, including partnering with all relevant stakeholders
· Ensure security incidents go through a full life cycle promptly, including lessons learned and a retrospective when needed, to drive process improvements in detection and response capabilities and to educate the security and engineering staff on security threats
· Assist with the selection, implementation, and usage enhancement of advanced monitoring and threat hunting tools
· Leverage threat intelligence tools and techniques to hunt for threats
· Analyze the latest attacker techniques and develop approaches to detect them across the company's diverse environments and endpoints
· Lead the research and implementation of techniques for threat detection and response in both cloud and on-prem environments. Use automation to improve detection and response times and mitigation
· Maintain Key Performance Indicators and produce Security Team Reports as required in a timely manner
· Produce timely, accurate, and detailed security reports to a standard appropriate for submission to senior executives
· Plan, organize, and lead functions within established schedules, budgetary and resource plans; establish goals, performance standards and operating procedures for assigned functions. Participate in creation of department staffing and capital budgets
· Ensure compliance with security practices and standards, reducing the likelihood of audit findings and regulatory and legal liabilities
· Provide leadership, subject matter expertise, and security guidance to operations, functional, and technology partners to help them meet Information Security requirements
Key Collaborative Network
Key Shared Accountabilities:
- Protect the company by following sound risk management protocols and adhering to regulatory requirements throughout the business units
- Reduce security risks by leveraging controls and minimizing weaknesses in IHG’s regional portfolio
- Work closely with all areas and regions of IHG on the assessment of corporate technology to fully secure information, computer, network, and processing systems
- Act as point of contact to executive leadership for dimensioning, managing and driving remediation of information security risks
- Recommend changes in security policies and practices in accordance with changes in local or federal law
What we need from you
- Owners including IHG Owners Association
- Regional Operating Committees
- Regionally based Functional Teams (GCA, HR, Finance, and BRR)
- Global Technology and security partners
- Information Security KRIs
- Regional engagement metrics (risk identification, compliance, and incident response)
- Service Level Agreement adherence
· 6+ years in several cyber intelligence/defense/response subject matter roles
· Industry certifications (CISSP, CISM, CISA, GIAC or equivalent)
· 3+ years of experience in threat intel, threat hunting detection, IR, or forensics and team management/lead
· Experience in endpoint and network-focused forensics, incident response, and threat hunting utilizing both Deep Packet Inspection and NetFlow solutions
· Thorough understanding of how to leverage standards like MITRE in the development and implementation of incident response processes, standards and policies, including the measurement of their effectiveness
· Deep understanding of relevant cyber aspects in network, desktop, server, application/database and cloud technologies, including experience with intrusion, detection and containment tools and/or methods
· Understanding of malware analysis, virus exploitation and mitigation techniques
· Comfortable working in highly ambiguous situations and quickly adapting approaches to changing events
· Unquestionable ethics and ability to manage sensitive material
· Experience with strategic planning and management including budget, organization, personnel decisions
· Results-oriented; can achieve desired outcomes independently and at appropriate priority levels
· A keen ability to identify trends and patterns in data
· Familiarity with risk scoring and threat analysis tools
· Proficient in writing, testing, and deploying UAM signatures
· Experience with:
· User and Entity Behavior Analytics
· Managing the incident life cycle and running tabletop exercises
· Data Loss Prevention (DLP) security controls
· Using ELK stack and specifically Kibana (run queries, create dashboards)
· Understanding of networking fundamentals, firewalls, proxies, and IDS/IPS
· Experience in cloud environments (AWS preferred) and Linux containers and orchestration systems (Kubernetes preferred)
What we offer
We’ll reward all your hard work with a great salary and benefits, including great room discounts and superb training.
Join us and you’ll become part of the global IHG family – and like all families, all our individual team members share some winning characteristics. As a team, we work better together – we trust and support each other, we do the right thing and we welcome different perspectives. You need to show us that you care and that you notice the little things that make a difference to guests, and that you are always looking for ways to improve.
IHG is an equal opportunity employer. Minorities/Females/Disabled/Veterans