

Airlines IT

 

Southwest Airlines

Senior Manager - Security - Threat and Vulnerability



Date posted: 23.Nov.2016
Expire date: Open Until Filled
Recruiter: Southwest Airlines
Job Category: Airlines IT
Location: US-TX-Dallas
Reference: 15862

Description:

WORK ACTIVITIES/CONTEXT:



People & Organizational Leadership:

Cultivate, support, and promote an organizational culture that provides for high performance, high morale, integrity, teamwork and work-life balance.
Lead, support, and influence the achievement of the mission, goals and objectives of the department and organization.
Participate fully in organizational processes / initiatives, i.e. performance management, interviewing, budgeting, training, etc.
Lead the resolution of organization, team and individual issues, making appropriate decisions.
Recruit, develop, and retain individuals with skills, attitude, and experience necessary to enable the organization to meet commitments.
Provide continuous coaching to improve Teammember, peer performance and business knowledge.
Develop and execute strategies and processes to improve performance and the value of products and services provided.
Lead cross-functional Teams to deliver solutions and services to meet enterprise needs.
Represent multiple teams and customers related to cross-department initiatives, meetings and decisions.
Promote and participate in the exchange of learning across the organization.
Pursue technical, functional and professional development opportunities with the company and industry.

Business Knowledge:

Possess a solid working knowledge of the business functions that align with assigned Team's responsibilities, and effectively apply that knowledge to provide solutions, support and services.

Functional / Technical Knowledge:

Provides Technical thought Leadership related to assigned functional areas.
Understands best practices, capabilities and constraints related to delivering technical solutions.
Specializes in delivering technology solutions using best practices to achieve maximum Team productivity while delivering high quality products.
Stays abreast of emerging trends, processes, and solutions related to assigned responsibilities.

Influencing & Relationship Building:

Builds strong, collaborative relationships & credibility with various Teams inside & outside of Technology.
Influences and drives change across respective Business and Technology functions.

Financial Accountability:

Effectively oversees fiduciary responsibilities.
Works with Technology and business partners to measure financial benefits and demonstrable business value.

Must be able to meet any physical ability requirements listed on this description.



May perform other job duties as directed by Employee’s Leaders.

Requirements:

Qualifications:

BASIC QUALIFICATIONS:



High School Diploma, GED or equivalent education required.

Must be at least 18 years of age.

Must have authorization to work in the United States as defined by the Immigration Reform Act of 1986.

EDUCATION:

BS/MS or BA/MBA in Computer Science, Information Science, Information Systems, Information Security, Business and/or equivalent formal training or experience preferred.

WORK EXPERIENCE:

At least 5 years work experience in a Threat Intelligence environment required.

At least 2 years of experience leading Threat Intelligence teams and providing work direction, required.

Certification in the Threat Intelligence landscape preferred.

Knowledge of best practices in Threat Intelligence and procedures preferred.

Experience in identifying new threat tactics, techniques, procedures, and signatures used by cyber threat actors required.
Experience in maintaining up-to-date awareness of computer network exploitation and attack tools and tradecraft, threats and vulnerabilities, and respective countermeasures required.
Experience in participating in red teaming, war-gaming, and/or exercise development and execution as requested required.
Experience in the triage and in leading escalated Security events and incidents required.
Experience in investigating network anomalies and other cyber security events to determine the cause and extent of exposure and overall risk to the environment required.
Familiarity with current and proposed laws, regulations, industry standards, and ethical requirements related to information security and privacy required.
Experience with security event monitoring, incident response, security architecture and engineering, independent verification and validation of information technology and security infrastructures, compliance and policy practices, system audits, and risk assessments required.

SKILLS/ABILITIES/KNOWLEDGE/WORK STYLE:



Core Knowledge:

Leadership experience and knowledge in the domains of threat intelligence, computer security incident response, and security operations

Experience engaging and interacting with Information Sharing and Analysis Centers (ISACs)

Effectively communicate subject matter expertise for threat content to various internal stakeholders

Contribute to the identification of process inefficiencies and improvements of threat intelligence services, methodologies, and various tools through variable length projects and programs

Ownership and maintenance of a computer security incident response plan, inclusive of organizing table top/war game exercises multiple times per year that incorporate recommendations into the improvement of the computer security incident response plan

Possess a functional understanding of log and monitoring management systems, security event monitoring systems, network-based and host-based intrusion detection systems, firewall technologies, malware detection and enterprise-level antivirus solutions/systems, VPN technologies and encryption standards

Experience with managing and ensuring the timely response and investigations of security events and incidents by the security operations center

Experience with creating and maintaining shift schedules to ensure 24x7 coverage engagement with the security operations center

Experience with developing, implementing and overseeing SOC standard operating procedures used to guide daily activities of the security operations center

The ability to strategically and tactically organize and motivate a team on the delivery of:

Knowledge of vulnerabilities, exploits, and malware to deliver research, documentation, and threat information deliverables

Understand the countermeasure creation process to draw conclusions into well-formatted technical write-ups

Monitoring for emerging vulnerabilities impacting resources used within the company

Track attack vectors used by Threat Actors and evaluate the effectiveness of existing controls

Support the threat and vulnerability assessment process to ensure proper prioritization of remediation efforts

Identify new threat tactics, techniques, procedures, and signatures used by cyber threat actors

Review available intelligence feeds and generate indicators of compromise in support of our security monitoring tools

Develop a working understanding of threat actor threat capabilities and intentions

Maintain up-to-date awareness of computer network exploitation and attack tools and tradecraft, threats and vulnerabilities, and respective countermeasures

Participate in trend/correlation analysis and scenario forecasting at both the tactical and strategic level

Participate in red teaming, war-gaming, and/or exercise development and execution as requested.

Respond to ad-hoc requests for information from internal staff

Assign work to team members, ensure incident procedures address the objectives of the security incident response program, and review required documentation for adherence to the department standards and process

Triage and lead escalated Security events and incidents

Effectively respond to case work relating to computer security vulnerabilities, phishing, malware, and forensic investigations

Lead and manage security incidents to ensure timely mitigation and remediation efforts are completed

Investigate network anomalies and other cyber security events to determine the cause and extent of exposure and overall risk to the environment

Preserve, harvest, and process electronic data according to company policies and regulatory requirements

Participate in forensic investigations as required, to include the collection, preservation of electronic evidence, analysis, and creation of a final report

Preserve and forensically analyze data from electronic data sources, including laptop and desktop computers, servers, and mobile devices

Be familiar with current and proposed laws, regulations, industry standards, and ethical requirements related to information security and privacy

Security event monitoring, incident response, security architecture and engineering, independent verification and validation of information technology and security infrastructures, compliance and policy practices, system audits, and risk assessments

General knowledge of business/Leadership principles, including planning, organizing, directing, developing, and supervising

General knowledge of personnel practices and regulations.

General knowledge of software development practices, concepts, methodologies, tools and trends

Proficient knowledge of project management methodologies

Critical Skills:

Excellent partnering, negotiation and communication skills in order to facilitate interactions with business Customers and technology teams.

Provides tactical leadership for Team(s)

Uses appropriate motivation and influence techniques to achieve desired Team results.

Sets and manages stakeholder expectations.

Delivers quality projects on time and within budget.

Manages projects using the organization's project management methodology.

OTHER QUALIFICATIONS:



Must maintain a well-groomed appearance per Company appearance standards as described in established guidelines.



Southwest Airlines is an Equal Opportunity Employer.
