Cyber Threat Lead - Global Threat Operations

  • Category: Security Services
  • Team: Enterprise Customer Care
  • Location: Salcedo Village, Makati

Description

Trustwave is a leading cybersecurity and managed security services provider that helps businesses fight cybercrime, protect data and reduce security risk. Offering a comprehensive portfolio of managed security services, security testing, consulting, technology solutions and cybersecurity education, Trustwave helps businesses embrace digital transformation securely. Trustwave is a Singtel company and the global security arm of Singtel, Optus and NCS, with customers in 96 countries. For more information about Trustwave, visit https://www.trustwave.com.

Core Hours: 1st shift local time

Description:
An MSS Threat Operations Lead is a member of Global Threat Operations for Trustwave Managed Security Services (MSS). In addition to possessing technical knowledge and leading delivery of complex technical issues, a Threat Operations Lead interacts extensively with Cyber Threat Analysts and Engineers, customers, partners, and other internal organizations using professional etiquette, serving as a liaison for threat management services as well as an escalation point within GTO.

Threat Operations Leads perform the following duties:

  • Reporting to the Operations Manager for Global Threat Operations, the GTO Cyber Threat Operations Lead provides leadership responsibility for a team of cyber threat analysts and engineers responsible for the following activities:
    • Use strong operating system, TCP/IP networking, and application skills to perform analysis and understand detected threats
    • Analyze and respond to security events from firewalls, EDR, IDS, IPS, SIEM (QRadar, Splunk, ArcSight, LogRhythm), Web Application Firewall (WAF) and other security data sources within documented SLA
    • Monitor and respond within service level agreement (SLA) standards to customer tickets and threats requiring incident notification
    • Tune devices for proactive blocking and detection based on customer business need
    • Configure, manage, and upgrade protection policies for Intrusion Detection Systems (IDS), Intrusion Protection Systems (IPS), Security Information and Event Monitoring (SIEM) platforms, and Endpoint Detection & Response Platforms
    • Tune threat detection and protection devices for unique customer environments
    • Create, improve, and document processes for the management and monitoring of security solutions.
  • Demonstrate leadership in all areas of the customer service engagement
  • Manage tasks and projects to meet the goals of the MSS & GTO organizations
  • Organize and facilitate technical meetings with customers and internal organizations
  • Maintain knowledge of industry-wide attacks and the current threat environment
  • Demonstrate leadership to GTO & Trustwave staff and customers
  • Create, improve, and document processes for the management and monitoring of security solutions
  • Take responsibility for customer satisfaction and overall success of managed services
  • Respond to needs and questions of customers in a polite, positive, and professional manner concerning their managed services, managed devices and detected threats
  • Adhere to policies, procedures, and security best practices
  • Act as a mentor and escalation point for analysts and engineers within GTO
  • Develop training plans to elevate the performance of analysts
  • Lead projects to develop new service offerings and integrate new technology into the services portfolio
  • Work with internal engineering teams to facilitate new features and functions
  • Collect and report data trending across multiple products and customers
  • Provide input and guidance on new product development
  • Act as both team and thought leader to junior threat team members within the region and interact with peer leads and management across regions
  • Understand the big-picture security and threat landscape, concerns and motivations
  • Collaborate with management on process improvement, documentation and definition for threat analysis and classification
  • Foster a culture of growth and development within the teams
  • Actively recognize and reward team members for actions above and beyond

Skills & Knowledge Requirements:
Must have skills/knowledge in some of the following:

  • Project and Queue Management
  • SOC Operations / Management
  • Endpoint Detection & Response
  • Security Information and Event Management (SIEM)
  • Unix / Linux and Windows system administration
  • Information security best practices & network security architecture
  • Signature-based security products
  • Current exploit and remediation techniques
  • TCP/IP networking
  • Vulnerability Scanning technologies
  • Log collection and analysis tools
  • Threat Intelligence
  • Incident Response / Forensics
  • Payment Card Industry (PCI) Standards

Desired experience:

  • 7 or more years of information security or networking experience
  • Previous operational experience as an analyst or senior engineer
  • Excellent customer service skills
  • Excellent analytical thinking and problem-solving skills
  • Strong oral and written communication skills
  • Self-managed and team oriented; a great coach and teacher
  • Responsive and collaborative
  • Deadline and detail oriented; highly motivated
  • Leadership & management experience

Required:

  • English: Demonstrated Fluency

Preferred:

  • Bachelor’s/Master’s degree in Information Technology or a similar area of study
  • At least 7 years of experience in Information Security or Networking
  • A security-related industry, vendor, or professional certification
  • A second language is also desired: Spanish, Portuguese, French, German

Education:

We prefer college-educated applicants, but at minimum, a high school diploma or equivalent is required for employment.

Trustwave is an Equal Opportunity Employer of Minorities, Females, Protected Veterans, and Individuals with Disabilities.

To All Agencies:

Please, no phone calls or emails to any employee of Trustwave outside of the Talent Acquisition team. Trustwave’s policy is to only accept resumes from agencies via the Trustwave Agency Portal. Agencies must have a valid fee agreement in place, and they must have been assigned the specific requisition to which they submit resumes by the Talent Acquisition team. Any resume submitted outside of this process will be deemed the sole property of Trustwave, and in the event a candidate who is submitted outside of this policy is hired, no fee or payment of any kind will be paid.

Trustwave helps businesses fight cybercrime, protect data and reduce security risk. With cloud and managed security services, integrated technologies and a team of security experts, ethical hackers and researchers, Trustwave enables businesses to transform the way they manage their information security and compliance programs. Trustwave delivers automated, efficient and cost-effective threat, vulnerability and compliance management. Trustwave is headquartered in Chicago, with customers in 96 countries. For more information about Trustwave, visit www.trustwave.com.
