The Discover Security Intelligence and Incident Response Team (SIIRT) provides world-class digital incident response services. The Senior Manager of the SIIRT Digital Forensics & Incident Response (DFIR) team is responsible for the leadership and management of CSIRT activities, including responding to computer security incidents, gathering forensic evidence, analyzing events based on digital artifacts, determining mitigation/remediation/security improvement opportunities, and working with stakeholders to communicate findings. The DFIR team works closely with other members of SIIRT, including the Security Operations Center (SOC), Threat Intelligence, and other Cybersecurity and enterprise teams, to maintain a secure operating environment for Discover.
SIIRT DFIR is dedicated, driven, and passionate about securing our organization through data-centric creativity. The ideal candidate is an Incident Response expert possessing 8+ years of technical experience:
• Bachelor's Degree in Information Security, Computer Science, Business Administration, Data Analytics, or related fields
• 6+ years of leadership experience in cybersecurity, technology, engineering, risk, compliance or relevant discipline; desired experience in credit card, financial and/or banking industry (or similarly regulated industry)
• In lieu of a degree, 8+ years of leadership experience in cybersecurity, technology, engineering, risk, compliance or relevant discipline; desired experience in credit card, financial and/or banking industry (or similarly regulated industry)
• Demonstrated organizational and leadership skills
• Deep understanding of and experience in Digital Forensics and Incident Response
• Expert-level proficiency with major DFIR tools and techniques, including disk, memory, and network forensics, and malware reverse engineering
• Strong multi-disciplinary background in information technologies such as: enterprise web applications, operating systems, computer programming, networking, and system administration
- Contributes thought leadership and technical solutions back into the investigative and DFIR community at a local and global level.
- Provides assurance, guidance, and direction in the formalization of the cybersecurity framework.
- Directs the delivery of security programs and advanced secure architecture, systems, and applications. Manages risk effectively by translating regulatory requirements and business needs to develop security controls.
- Recommends remediation strategies to mitigate risk and close gaps. Leads the development of defense systems to counter breaches and cyberattacks.
- Manages a team that develops, implements, and maintains a comprehensive cybersecurity program. Oversees the evaluation, design, and implementation of security programs, controls, and infrastructure solutions. Manages the cybersecurity initiatives pipeline. Identifies cybersecurity impacts and risk considerations. Reviews regulatory and audit findings. Manages remediation of threat and risk issues. Directs the development of data analytics, metrics, reporting, and statistical analyses.