Cyber Defense Manager

Posted:
10/3/2024, 5:00:00 PM

Location(s):
Santa Ana, California, United States ⋅ California, United States

Experience Level(s):
Senior

Field(s):
IT & Security

Who We Are

Join a team that puts its People First! Since 1889, First American (NYSE: FAF) has held an unwavering belief in its people. They are passionate about what they do, and we are equally passionate about fostering an environment where all feel welcome, supported, and empowered to be innovative and reach their full potential. Our inclusive, people-first culture has earned our company numerous accolades, including being named to the Fortune 100 Best Companies to Work For® list for nine consecutive years. We have also earned awards as a best place to work for women, diversity and LGBTQ+ employees, and have been included on more than 50 regional best places to work lists. First American will always strive to be a great place to work, for all. For more information, please visit www.careers.firstam.com.

What We Do

The Manager for Cyber Defense is a member of the technical security team working within the office of the CISO. The Cyber Defense Manager will report to the Director of Cyber Defense and Security Operations.

The Cyber Defense Team is responsible for delivering the following core services:

  • Security Assessment Service
    • Penetration Testing
    • Threat Hunting
    • Breach & Attack Simulation
    • Red Team Exercises
  • Cyber Threat Intelligence
  • Cyber Threat Advisory Service
  • Vulnerability/Zero-Day Response
  • Attack Surface Management

What You'll Do

  • Mature the Cyber Defense program through the implementation, configuration and use of appropriate technologies and processes to meet current and future requirements
  • Ensure the successful and timely delivery of all responsible services
  • Manage a team of Cyber Security Engineers and Analysts, assisting them in developing their skills as required
  • Continually assess our tool sets, processes and procedures, and make recommendations for improvements in their effectiveness and efficiency to achieve operational excellence and risk reduction
  • Communicate threat intelligence and security performance metrics to Information Security Senior Management through regular reports, KPI’s and KRI’s
  • Collaborate fully with dependent and other technical security teams including Security Operations Incident Response and Vulnerability Management team.
  • Create and ensure adequate up to date documentation of the services, processes and procedures is produced and maintained.
  • Produce reports and information in response to audit and control review requests
  • Work closely with Information Technology to identify and mitigate risks, perform security reviews, and consult on the design of best of breed security practices and procedures.
  • Monitor changes and trends in the threat landscape to enable proactive security controls.
  • Plan, coordinate and manage 3rd party provided penetration testing services, remediation activities, and post-remediation re-testing.
  • Coordinate with business and technology departments to ensure security is incorporated into new and existing processes
  • Where called upon, to assist in the investigation of cybersecurity incidents, identify intrusions, and isolate, block and remove unauthorized access
  • Support the Cyber Defense team members in performing and delivering the services daily where required. E.g., performing threat hunts, analyzing cyber threat intelligence information, and reviewing and processing penetration test reports
  • Ensure security advisories are communicated to the relevant recipients in a timely manner

What You'll Bring:

Knowledge and Skills/Technology Used, Job Complexities, Impact

  • Bachelor’s Degree or equivalent work experience preferred. Industry aligned certifications such as CISSP, CISM, CTIA, GCTI are desired
  • 5 to 7 years of leadership experience in progressively responsible roles in a demanding Infosec environment
  • Professional experience in applicable discipline and demonstrated experience in evaluating significant IT processes and maintaining a robust Information Technology control environment for a complex IT organization
  • Excellent communication skills, as well as outstanding presentation and persuasion capabilities, with exceptional presence that elicits confidence and credibility. Ability to communicate effectively across a wide group of people and audiences
  • Working industry knowledge of Information Technology and Cyber Security to lead in this functional area
  • Ability to effectively convey complex issues and communicate to a variety of audiences including technical staff, peers, as well as senior management, and oversight bodies
  • A track record of developing trust-based relationships with customers to fully understand and deliver solutions to meet their business needs, while using diplomacy and relationships to advance the information security risk management program within a consensus-driven culture
  • People management skills and experience of managing teams of technical resources in the past
  • Work on a diverse range of problems of moderate scope where analysis of situations or data requires evaluation of a variety of factors and develop an understanding of current business and technological trends
  • Exercise judgment within defined procedures and practices to determine appropriate action
  • On a regular basis, initiate corrective action needed to resolve complex, critical issues
  • Provide input to and may develop operational plans and work with senior management to ensure that plans are integrated with broader strategies
  • Be available to support operational and security events 24 X 7 as required in the event that such action is required.
  • Able to work with and support business functions across multiple time zones as required
  • Provide supervisory and management for a team of engineers and analysts working across multiple time zones with the US, Dominican Republic and India.
  • Work under general direction
  • Receive assignments in the form of objectives and determines how to use resources to meet schedules, develop project plans, timelines, and goals
  • Provide direction to employees within the boundaries of established policies
  • Enlist expertise of peers in other departments, external professional contacts, and a wide range of additional resources to explore new methods and approaches and to solve problems
  • Work is reviewed in terms of meeting product, project, or operational objectives, quality, schedules, and budgets
  • Provide input to department strategic plan and budget
  • Recommend changes to process, SLA’s, department policies, procedures, metrics, and standards
  • Influence senior management on decisions related to department priorities, schedules, plans and cost controls
  • Achieve objectives for multiple and varied projects
  • Regularly make decisions necessary to resolve critical issues related to department operations
  • Successful track record of managing staff and working in a Cyber Defense or Operations team, delivering the core services, and designing, developing, and managing the execution of projects in area of expertise
  • Ability to communicate the function’s vision and the department’s direction, and set aligned goals for team; provide resources and implements systems to measure results
  • Ability to select, coach and develop talent and hold employees accountable for results, support change and foster collaboration
  • Deal with others in an honest manner, assure adherence to company policies, address questionable business practices
  • Foster customer loyalty and demonstrate commitment to customer satisfaction; keep customers apprised of progress and ensure commitments are met
  • Provide others with reliable information, create, and deliver accurate reports and presentations; use good listening skills; negotiate effectively

Pay Range: $126,100- $168,100.00 annually

This hiring range is a good faith and reasonable estimate of the salary range of possible compensation at the time of the posting and is subject to change. The actual compensation offered will be determined by various factors, which may include a candidate’s education, training, experience, and geographic location.

#LI-BH1

#techreferral

What We Offer

By choice, we don’t simply accept individuality – we embrace it, we support it, and we thrive on it! Our People First Culture celebrates diversity, equity and inclusion not simply because it’s the right thing to do, but also because it’s the key to our success. We are proud to foster an authentic and inclusive workplace For All. You are free and encouraged to bring your entire, unique self to work. First American is an equal opportunity employer in every sense of the term.

Based on eligibility, First American offers a comprehensive benefits package including medical, dental, vision, 401k, PTO/paid sick leave and other great benefits like an employee stock purchase plan.