Director, Cyber Security Threat Analysis & Response

Information Technology

Atlanta, Georgia; Chicago, Illinois; Washington DC, District Of Columbia; New York City, New York; Raleigh, North Carolina; Charlotte, North Carolina; Austin, Texas


Xylem |ˈzīləm|

1) The tissue in plants that brings water upward from the roots;

2) a leading global water technology company.

Xylem, a leading global water technology company dedicated to solving the world’s most challenging water issues, is the leading global provider of efficient, innovative and sustainable water technologies improving the way water is used, managed, conserved and re-used. Our international team is unified in a common purpose: creating advanced technology and other trusted solutions to solve the world’s water challenges. We are committed to creating an organization of inclusion and diversity, where everyone feels involved, respected, valued and connected, and where everyone is free to bring their authentic selves and ideas.

If you are excited and passionate about helping us #letssolvewater, we want to hear from you! For more information, please visit us at​.

We Offer You More Than Just “A Job”

  • Professional Development – To advance the capabilities of our people, we offer a wide variety of experiences to support our employees’ professional growth and continuous learning.
  • Total Rewards – We offer comprehensive programs for compensation, benefits, recognition, learning and development, work-life integration and corporate citizenship.
  • Watermark – Watermark is our corporate social responsibility program working to provide education and access to safe water to ensure healthy lives, gender equality, and resilient communities. Employees have the opportunity to learn and volunteer on various water-related projects.
  • Employee Networks – Our Employee Networks provide a professional, supportive network for employees from diverse backgrounds, including Women’s, LGBT+ and Allies, Veteran’s, People of Color and Allies, Emerging Leaders, and Working Parents Networks.

The Role: Reporting directly to Xylem’s CISO, the Director of Threat Analysis & Incident Response is the global focal point for 24/7 security incident management; threat and vulnerability management processes; and insider threat and data loss prevention across the Company. This leader will define processes and, utilizing multiple platforms, suppliers, and internal and external support groups, coordinate appropriate response and actions in these areas. The Director will lead a team of security professionals whose core function is to provide continuous cybersecurity monitoring, incident triage, investigative response and data analysis services for the Company, as well as running coordinated Table Top Exercises. The Director provides leadership and guidance and acts as a primary contact for senior management across the enterprise on the evaluation, development, implementation, and monitoring of information security strategies and tools for effective response. Importantly, this individual will bring a strategic vision to the role, identifying and ensuring the appropriate people, processes and technology are in place to protect the organization from evolving threats, and implementing measurements in order to communicate the effectiveness of the global program and any risks which need to be addressed further.

The position will require collaboration across business units, IT infrastructure and application teams, software development and cloud architecture, and other internal functional groups (Legal, Procurement) to ensure that the strategy and execution elements of Global Cybersecurity meet the needs of Xylem.

Essential Duties/Principal Responsibilities:

  • Responsibility for information cyber security analysis & response with the mission of protecting against internet attacks / threat actors.
  • Lead the Cyber Threat Analysis & Response organization, to include the Continuous Threat Analysis Center (24/7), Incident Response Center, Cyber Counter Threat and Intelligence capabilities.
  • Lead initiatives and the implementation of capabilities in order to advance the Cyber Threat program.
  • Provide guidance and advocacy with regard to prioritization of Cyber Security investments, while ensuring effectiveness and risk reduction are gained; provide leadership and coordinate with stakeholders on matters relating to the definition of cyber security architectural principles and standards.
  • Enhance and distribute security incident response and escalation procedures to ensure timely and effective handling of security events and alerts.
  • Enhance the Cyber Security program and strategy, and expand threat management services across global business units.
  • Maintain industry affiliations that provide the necessary intelligence to proactively respond to threats. Such affiliations may include ISACs (Information Sharing and Advisory Centers), Europol, US DHS (Department of Homeland Security), FBI, etc.
  • Apply knowledge of technical, analytical, project management, and negotiating skills to ensure the confidentiality, integrity, and availability of all information systems assets and ensure compliance with company policies, procedures, contractual, and regulatory requirements.
  • Establishes and governs security event monitoring/detection and cyber threat response and recovery capabilities, and serves as the subject matter expert regarding all information security incident responses for the enterprise, including insider threat and data loss prevention.
  • Works with IT Leadership to proactively develop and monitor information security strategies to protect the company from existing and future threats.
  • Actively provides consistent communication to key IT and business stakeholders on metrics and measures and the potential of new threats.
  • Provides end-to-end problem management and root cause analysis for security incidents across the Enterprise.
  • Works with security architecture & engineering, penetration testers, and strategic partners to architect advanced solutions to address issues.
  • Provide extensive support and assistance to senior leadership for decisions on future investments and addressing complex issues impacting Xylem’s security posture.
  • Coordinates with internal and external partners to negotiate and place security-related orders for services.
  • Provides input in the development of operating and capital budgets.
  • Work closely with the Chief Security Officer on the development of functional goals and objectives.
  • Participation in Xylem Watermark volunteer activities.

Minimum Qualifications: Education, Experience, Skills, Abilities, License/Certification:

  • Bachelor’s degree in STEM field, related discipline, or equivalent experience.
  • Minimum of 8+ years of increasingly diverse and complex experience in the field of Cybersecurity within a global environment, with at least 5+ years in security architecture and application and infrastructure security.
  • Excellent verbal/written communication, collaboration, analytical and presentation skills to lead an environment driven by customer service and teamwork; must be able to set goals and participate in strategic initiatives for a team, foster the development of high-performance teams, and interface with all levels of the organization; ability to participate in development of resource plans and structures and influence organizational priorities.
  • Extensive experience working with Cyber Security vendors negotiating rates, contracts, and service level agreements.
  • Excellent communication, analytical, and writing skills with the ability to participate in and lead team-based projects.
  • Ability to carry high-level conversations; proven ability to present to senior leadership.
  • Experience with and in-depth understanding of the latest security principles, application security architecture, security technologies, techniques, standards and protocols.
  • Experience managing & configuring security technologies such as Next Generation Firewalls, Intrusion Prevention, anti-malware/anti-virus, endpoint security technologies, SIEM, and log collection/management.
  • Must work well in a dynamic team that is geographically dispersed.
  • Must maintain information security/cybersecurity certifications (e.g. CISSP, GCIH/ECIH, CISM).

Preferred Qualifications:

  • Master’s Degree
  • Scripting skills (e.g. Ruby, Python, Perl, shell scripts)
  • Experience with cloud IaaS security operations

Physical Demands:

(The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job.  Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.)

  • Office: Fluorescent lighting, dust, recycled air, cooling fans, semi-enclosed areas, central heating, seasonal warmer temperatures and office noise.
  • Shop: In locations with a factory or shop floor, exposure to factory/shop and machinery.

Work Environment:

(The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job.  Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.)

  • Remote work opportunity
  • Standard weekly job hours: Monday through Friday, normal business hours (40)
  • Travel requirement: Approximately 20% (domestic and international)

Xylem is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability, protected veteran status or other characteristics protected by law.