Detect and Respond Lead
Role Purpose: Security is paramount to the success of our business. This role helps protect our information and products, by leading our detect and respond initiatives and driving a culture of positive cybersecurity into the heart of our business.
Role Value: Having the highest levels of security and compliance are essential to Jumio’s business. By setting and achieving the highest standards this role has a direct impact on the integrity of our business, our customers’ confidence and, ultimately, the continued growth and success of the company.
- Owning the vision and ongoing evolution of our detect and respond program, influencing cross-functional teams and managed service partners to advance the company’s security position.
- Support the creation and embedding of response playbooks into our next-generation security function.
- Managing external threat intelligence services on a regular basis, contextualisation of intelligence to our business. Lead proactive responses to threats of interest.
- Manage the end to end lifecycle of cybersecurity incidents and our CSIRT service arrangements.
- Maintain strong relationships with all interested parties that affect the security posture of the company and incident handling escalation touchpoints.
- Provide ongoing assurance that all detect and response controls and processes are operating effectively.
- Interface with technology teams on design and operational security issues.
- Provide high-quality KPI and KRI statistics and reports on a regular basis.
- Manages security crisis response simulations, and associated improvement activities.
- Identification and reporting of risks to stakeholders and CISO function.
- Support the direction of penetration testing and vulnerability management capabilities.
- Empower and educate our people through security cultural innovation.
- Drive the culture of positive cybersecurity into the heart of our business.
Experience and Qualifications
- Proven commercial experience in a detect and response capacity and influencing positive change.
- Proven success in the design and implementation of unified security monitoring and response models, across diverse technology and cloud platforms.
- Experience in successfully dealing with Advanced Persistent Threats (APT), cybercriminals, malware, and targeted phishing.
- High quality, contemporary, cybersecurity operations in a digital business
- Developing successful global security operations processes.
- Working with global information security frameworks and standards like PCI DSS, ISO 27001, SOC2.
- CISM, CEH, CISSP or GIAC Cyber Defence certifications.
- Experience in threat monitoring and management in cloud environments - AWS preferred.
- Security incident management (including Critical Incident Management), and application security best practices.
- Demonstrate ability to perform in-depth log analysis, disk and memory forensic as part of enterprise incident response.
- In-depth knowledge of cyber-attack analysis and MITRE ATT&CK framework.
- Experience in team development and gap analysis, table-top exercises, incident response, digital forensics and data breach response.
- Experience in building automation for identification, response, and remediation of malicious activity.
- Driving the implementation of countermeasures, mitigations, and containment.
- Dealing with and managing 3rd party Security providers.
- Excellent analytical, conceptual and communications skills in spoken and written English.
- Fast learner, high capacity for abstract thinking and structured approach to work plus a hands-on mentality and an international mindset.
Key Characteristics and Attitudes
In a recent global survey these attributes were valued by Jumios in all locations and functions - we firmly believe in hiring for attitude as well as skill.
- Friendly and supportive
- Adaptable and flexible
- Articulate and persuasive
- High IQ and EQ
- Curious and coachable
- Commercially Aware
- Resilient and tenacious
- Big picture and the detail
- IDEAL: Integrity, Diversity, Empowerment, Accountability, Leading Innovation
This is an opportunity to shape a global capability from the ground up. The role will move from a senior, hands-on, contributor into a team lead. Continual learning is highly encouraged at Jumio, especially within security where up to date skills and qualifications are highly valued.
Austria and Montreal, Canada. Located on the Outer Ring Road in Kadebeesanahalli, Bangalore, we focus on development of multiple products and data platforms for Jumio . We deliver components that power Jumio’s market leading products. Jumio Bangalore is a diverse team of engineers from all over India that enjoy knowledge sharing, being curious and collaborating across borders
Jumio is the future for online and mobile ID verification. We are the largest and fastest growing company in the ID verification space. With a global footprint, we’re expanding the team to meet strong client demand across a range of industries including Financial Services, Travel, Sharing Economy, Fintech, Gaming, and others.
Jumio is a collaboration of people with different ideas, strengths, interests and cultures. We welcome applications and colleagues from all backgrounds and of all statuses.