Sr. Director, Global Threat Detection & Response (Hunt & CTI)

Trustwave

  • Canada
  • Permanent
  • Full-time
  • 2 months ago
About TrustwaveTrustwave is a leading cybersecurity and managed security services provider focused on threat detection and response. We uncover threats that others can’t and respond quicker than others can to protect against the devastating impacts of cyberattacks. We’re a world-class team of cyber consultants, threat hunters and researchers serving clients in 96 countries. At Trustwave, you can learn alongside the best, make a personal impact on a global scale, and solve new challenges every day. Learn more about us at .Trustwave’s Global Threat Detection and Response Team (TDR) performs analysis and investigation of a variety of solutions within client environments with the objective of identifying and responding to threats that have a potential impact to our clients’ confidentiality, integrity and availability of data, services and infrastructure. Services are delivered through internal proprietary and enterprise-grade, third-party technology including XDR, SIEM, analytics and EDR tools in combination with Threat Intelligence and human skill.Trustwave SpiderLabs is comprised of four primary teams: Threat Hunting, Digital Forensics and Incident Response, Security Research, and Security Testing. Each is tasked with a specific set of goals and all work to support Trustwave’s world-class services.The selected candidate will lead SpiderLabs Global Operations including Cyber Threat Hunting & Intelligence and must be an expert with a solid technical understanding of network, host-based, and application investigations and response. This leader will support additional TDR services outcomes that include threat detection, root cause analysis, remote forensic investigation, intelligence profiles, malware reverse engineering, containment, remediation, and functions delivering related security services.Cybersecurity acumen and a proven track record to identify and to drive operational efficiencies for a global SOC services environment will be key selection criteria. The selected candidate must be a hands-on leader, a player-coach who can put intel into action and enjoys working at a global scale with a keen eye for detail, a passion for problem solving, a drive to advance capability and maturity, and a focus on client satisfaction.Job Requirements:
  • Strategic Vision & Business Acumen
  • Understand the broader cyber landscape, consultatively work with stakeholders to align cybersecurity services with client needs and organizational goals, and develop long-term strategies for growth and market differentiation
  • Possess a minimum 5-7 years leading at least 2 of the following disciplines globally: Hunt, Intel, DFIR, or SOC with previous experience as a senior consultant, senior manager, director, or senior director of cybersecurity with a preference for experience in national security, enterprise, or Managed Security Services (MSS)
  • Prior responsibility and experience with annual budgeting and procurement process
  • Demonstrate a track record of data-driven decision making; familiarity with data science & analytics techniques used to enhance security operations
  • Understand and identify cybersecurity risks, frameworks (e.g., NIST CSF, ISO 27001), and regulatory compliance (e.g., GDPR, HIPAA, PCI DSS) in practice and how they relate to the portfolio and client business drivers
  • Actively engaged for subject matter expertise by marketing and analyst relations stakeholders to promote Trustwave thought leadership and drive industry direction
  • Collaborate with internal and external cybersecurity associations, consortiums and working groups on behalf of Trustwave; represent Trustwave at industry events and conferences
  • Client Relationship Management & Communications
  • Exceptional skills in building and maintaining strong, trusted relationships with clients spanning business, communications & technical skill
  • Interact directly with clients to advise on cybersecurity best-practices and to resolve security and service concerns and show outstanding service
  • Follow-up on all issues and ensure development and resolution of continued improvement actions including staff training, consistent incident investigations, and quality security & risk management recommendations for clients
  • Collect, report and present operational metrics with a client-first lens to show progress, successes, and areas for improvement across a global team
  • Provide consultative support for Go-To-Market (GTM) activities by engaging with client stakeholders and peer executives to build meaningful business relationships demonstrating Trustwave’s TRUST values & behaviors
  • Leadership & People
  • Drive a multi-team strategy that gives hunters, intel analysts, and incident response teams vision, direction, support and focus, connecting to the broader service objectives
  • Ability to coach and manage higher-end analytical teams including managers and individual contributors responsible for cybersecurity detection & response tasks spanning multiple business units and end-client environments
  • Highly skilled people-leader with previous experience leading an organization of 20+ experienced security experts, able to identify and implement operational efficiencies, mentor global staff, create and maintain metrics and other key performance and quality indicators
  • Ensure proper global staffing resources are available and engaged
  • Counsel and coach; proven track record of high employee retention and career development and examples of providing leadership and support for functional management and staff, developing and managing employee performance, career paths, and actively leading staff recruitment
  • Ability to manage up and laterally to gain stakeholder support on initiatives
  • Technical Experience & Certifications
  • 10+ years information security experience including the ability to identify active adversaries that have established persistence in IT/OT environments, to actively discover risks and exploitation of vulnerabilities, and to contain and respond to active threats
  • Advanced understanding of tools, tactics, and techniques utilized by threat actors and ability to identify behavioral patterns that signal compromise or persistence
  • Prior experience designing, deploying, and support defense-in-depth solutions
  • Extensive knowledge of cyber threat intelligence frameworks (such as of MITRE); expert in cyber threat intelligence and how it is used in security protection and detection policies
  • Solid understanding of security architectures including extended detection & response (XDR), endpoint detection & response (EDR), security information & event management (SIEM), detection use-case development, and the role these solutions play in identification of new & changing threats through managed services
  • Solid understanding of remote, host, network, and application based forensic investigations using security and information technologies
  • Prior experience developing tools for task automation and analytical enrichment
  • Preferred 4-year degree in Cyber, IT and/or Business Management or equivalent experience
  • Security certifications such as CISSP, GCIH, GCFA, GCIA, and management certifications such as PMP and Six Sigma or equivalent experience preferred
Education:
  • A high school diploma or equivalent is required; a college or university degree is a plus.
This is a remote opportunity open to anyone legally authorized to work in Canada. Guided by our flexible workplace philosophy, , people gather in the office when in-person interaction is most impactful; full-time remote employees may be asked to travel occasionally based on the needs of the team and the business.Trustwave is an Equal Opportunity Employer. We're committed to treating everyone with respect, one of our core TRUST Values, and strive to create a culture that empowers all Trustees to be their best, most authentic selves. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status, age, or any other federally protected class.To All Agencies:Please, no phone calls or emails to any employee of Trustwave outside of the Talent Acquisition team. Trustwave’s policy is to only accept resumes from agencies via the Trustwave Agency Portal. Agencies must have a valid fee agreement in place and they must have been assigned the specific requisition to which they submit resumes, by the Talent Acquisition team. Any resume submitted outside of this process will be deemed the sole property of Trustwave and in the event a candidate is submitted outside of this policy is hired, no fee or payment of any kind will be paid.#LI-MM1

Trustwave