Information Security Operations Center And Incident Response Manager (Remote)

Do you have a passion for leading, developing and growing others while working on interesting problems and helping to advance incident response capabilities? Have you always wanted to make a real impact on securing an organization and seeing your efforts deliver effective delivery of security operations at scale? We have an exciting opportunity managing our IR and SOC program.

Crane Company is seeking an Information Security Operations Center and Incident Response Manager to be responsible for our Global Incident Response Program, Security Operations Center and Team Members, and to assist in the delivery of all Information Security Initiatives globally. This position reports to the CISO.

In this role, you will be responsible for leading the Crane Company Global Incident Response program, all related processes and technologies, and for and managing and leading the US and International Security Operations Center Teams. This is a hands-on role, where you must enjoy going deep into identifying advanced threats, teaching and growing others, and be dedicated to the mission of finding and eradicating threats and continuously improving controls and defenses.

Core Function :

This role will be responsible for managing our Global SOC and all related tools, solutions, processes and people. You must be experienced and excited about leading the daily work of security analysts have a vision for modern SOC and SOAR, and you are calm under pressure, adept at prioritizing response and effective in the remediation of threats.

In this capacity, you will be implementing and managing others in delivery of processes and standard work for the global security operations function. This includes threat mapping, playbook development, building threat intelligence informed detections, and performing detailed investigations. This is a very hands-on position; doing threat hunting, utilizing an advanced security stack for daily work, and ensuring team SLAs and performance is met and delivered.

You will direct our application of SIEM, SOAR and other related technologies and processes supporting the global information security function. You will be resolute in the advancement and implementation of automation and other proven methods to support your team , and continue to grow the organization in techniques to build and support interfaces to and from various supporting technologies, tools, and systems.

You will work closely with the CISO, Business Leadership, Global Infosec Management, and other IT leaders and security representatives to ensure our strategy, implementation, and ongoing improvement towards cyber-incident preparedness. You will be expected to be able to communicate effectively at all levels of the organization, be extremely detailed, and be focused on delivery to program goals and expectations. You must enjoy contributing to continuous improvement initiatives, and have a genuine passion for infosec!

This is an exciting opportunity to grow and make a positive impact on a global program alongside other passionate infosec professionals. You know you have what it takes and a desire to advance a program at the highest-levels through managing, leading and developing a team of professionals along the way, this is the position you’ve always wanted.

Responsibilities:

• Partner with external entities such as law enforcement or forensics, as well as other internal functions such as Legal, HR, GRC, Risk Management, IT.
• Develop, maintain, and enhance related policies, documentation and procedures.
• Evaluation, planning, configuration, and implementation of both future and existing security initiatives and solutions.
• Ensure security industry standards and emerging best practices are identified and integrated into our program approach and methodologies.
• Ensure the timely identification, response, investigation, and remediation of all security events and incidents.
• Manage Security Operations Center personnel, partner relationship and supporting technologies.
• Assist in ensuring the performance of key partner relationships and managed security services providers.
• Develop and maintain program metrics, KPIs and reporting for the incident response program to drive continuous improvements and support external and internal investigations.
• Lead and direct others as Incident commander for “all-hands” and other high-stakes investigations.
• Lead and advance all aspects of the SOC and Incident Response Program.

Qualifications and Competencies:

• Foundational experience and background with broad enterprise-level IT technologies including networks, endpoints, virtualization, cloud, operating systems, email, storage, databases, etc.
• Ability to travel as needed
• Deep understanding of effective defensive controls for network, email, endpoint, identities and data both in traditional IT and in the Cloud.
• Desired: Degree in a related field.
• US Person as defined under EAR PART 772 AND ITAR 120.15
• Advanced understanding of present-day cyber-threats, attacker techniques and behaviors, and effective methods to both detect & repel these threats for a global organization with a distributed enterprise IT environment.
• Require: 3-5 years managing others in a security field.
• Desired: Advanced professional security certifications such as CISSP, CISM, GISP, GSLC, GCFA, GDAT, GCTI, or similar.
• Expert level application of threat and attack detection using SIEM, threat intelligence, sandboxing, vulnerability and configuration scanning, log analysis, anomaly detection, end-point telemetry, long-tail analysis, network/netflow/pcap, de-obfuscation, de-coding, and other evasion techniques.
• Familiarity with relevant multi-national financial, privacy, and other governmental regulatory requirements.
• Ninja-level knowledge of Windows, Linux Internals, Network Threat Identification, Cloud Security Protections.
• Experience managing, leading, and working with remote/distributed teams with diverse backgrounds.
• Required: 5-7 or more years relevant professional experience in a SOC performing IR.
• Proficiency leading projects and project management experience with a focus on delivering results.

Crane Company is an Equal Opportunity Employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, age, disability, military status, or national origin or any other characteristic protected under applicable federal, state, or local law.