Threat Level: green Handler on Duty: Guy Bruneau

SANS ISC: InfoSec Jobs InfoSec Jobs

Watch ISC TV. Great for NOCs, SOCs and Living Rooms: https://isctv.sans.edu

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Director, Security Operations
Company The Hershey Company
Location Hershey, PA
Preferred GIAC Certifications GSEC, GCIH, GCIA, GCCC, CISM
Travel 10%
Salary Not provided
URL https://careers.thehersheycompany.com/us/en/job/HERSA005H9708/Director-Security-Operations
Contact Name Jeremiah
Contact Email jhainly/at/hersheys.com
Expires 2021-01-26

Job Description

Hershey, PA preferred. Remote work available for the right candidate.

Major Duties/Responsibilities:
The Director of Security Operations is responsible for building a best in class program to protect The Hershey Company from security incidents and deliver an enterprise program to detect and respond to security events. This position will be responsible for developing and executing the organizations protection strategy, developing the standards for system monitoring and ensuring Hershey maintains a robust response and recovery capability. This role will also be responsible for managing and developing talent and the associated talent strategies. This person will also be part of the Security Leadership team and will be involved in helping to lead and mature the security program.


Primary Responsibilities:
- Building and maintaining systems that allow us to operate securely at scale by protecting our critical assets and information and collecting, analyzing and alerting on anomalous activity
- Develop and maintain a threat intelligence capability to identify and classify adversaries, campaigns and techniques and drive meaningful program strategies to address risk
- Monitoring for suspicious activity, investigating, and responding appropriately
- Identification of security weaknesses and ensuring reasonable resolution timelines
- Bring a solutions-oriented approach and support your teams in doing the same
- Think strategically about security improvements, develop appropriate roadmaps and oversee delivery and execution
- Build relationships with other teams to influence positive security change
- Grow diverse teams and ensure the personal development of your team members
- Support and empower ownership within the teams of the full lifecycle, quality, and provability of our security controls from creation to operation
- Drive innovation and efficiencies across our security stack
- Mature and maintain our ability to appropriate respond and recover from security incidents and regularly evaluate our environment, capabilities, and processes through table-top and real-world testing
- Provide situational awareness of our security posture in business terms and context
- Establish IT/OT integration of Security Operations program capabilities


Summary of major duties:
- Development and execution of program strategy and key initiatives
- Establishing alignment across the enterprise to drive improvements to information security posture
- Manage team resources and develop talent to meet current and future needs of the organization
- Manage and maintain organizational readiness to respond and recovery from security incidents
- Establish and govern key KRI, KPI and SLAs of the security operations program

Education:
- BS in Computer Science, Information Security or related field OR equivalent work experience (6 years of experience). One of the following security certifications: CISSP, Security+, GSEC, GCIH, GCIA, or CISM is preferred

Experience:
- 10+ years Information Security or Security Operations experience w/ 5 years of leadership experience