Cyber Threat Intelligence Operations Manager Details

Deloitte - San Antonio, TX

Employment Type : Full-Time

Do you thrive on developing creative and innovative insights to solve complex challenges? Want to work on next-generation, cutting-edge products and services that deliver outstanding value and that are global in vision and scope? Work with other experts in your field? Work for a world-class organization that provides an exceptional career experience with an inclusive and collaborative culture? Want to make an impact that matters? Consider Deloitte Global.

Work you'll do:

Are you energized by helping organizations protect their data and build client trust? Do you want to work in one of the world’s largest holistic internal cybersecurity organizations? If you’re interested in proactively preventing, detecting, and responding to cyber-attacks across a complex global footprint, then Deloitte Global could be the perfect place for you. We’re looking for an analytical thinker passionate about cybersecurity to join our team. The Intelligence Operations Manager reports to the Threat Intelligence Service Lead.

As the Intelligence Operations Manager, you will lead the collections and engineering and development sides of the threat intelligence team.

The right candidate is a motivated individual with excellent technical, interpersonal, and managerial skills to lead a multinational team of intel collectors, malware analysts, engineers, and developers to collect, process, and exploit data for intelligence value and build and maintain intelligence tools as well as the intelligence tools’ integrations with other security tools.

The Intelligence Operations Manager will regularly interface with Global security teams, vendors, and cybersecurity partners in intel sharing groups throughout the world.

Responsibilities include:
  • Lead your teams to enable the Threat Intelligence team to proactively identify and report on threats to Deloitte
  • Managing two teams led by two managers across 4 countries
  • Own the platforms and tools our team relies on and ensure they are well integrated with the rest of the cybersecurity platforms and tools
  • Build and maintain the intel collections plan
  • Manage intel collections and PED for OSINT, vendor intel, shared info, and internal telemetry
  • Manage the process for internal telemetry processing
  • Establish and maintain sharing group relationships
  • Communicate with various stakeholders ranging from technical to non-technical
  • Regularly interface with Global and member firm security tool teams to ensure the TIP’s integrations function well
  • Manage the projects and initiatives for improving and enhancing intelligence outputs
  • Ensure the process for disseminating IOCs is optimized
  • Establish, execute, grow, and maintain the process for intrusion analysis.
  • This Deloitte Global role requires limited travel.

Who you’ll work with:

The Deloitte Global Cybersecurity function is responsible for enhancing data protection, standardizing and securing critical infrastructure, and gaining cyber visibility through security operations centers. The Cybersecurity organization delivers a comprehensive set of security services to Deloitte’s global network of firms around the globe.

What you'll be part of - our Deloitte Global Culture:

At Deloitte, we expect results. Incredible—tangible—results. And Deloitte Global professionals play a unique role in delivering those results. We reach across disciplines and borders to serve our global organization. We are the engine of Deloitte. We develop and implement global strategies and provide programs and services that unite our network.

In Deloitte Global, everyone has opportunities. We see the importance of your perspective and your ability to create value. We want you to fit in—with an inclusive culture, focus on work-life fit and well-being, and a supportive, connected environment; but we also want you to stand out—with opportunities to have a strategic impact, innovate, and take the risks necessary to make your mark.

How you'll grow:

Deloitte Global inspires our people at every level. We believe in investing in you, helping you at every step of your career, and helping you identify and hone your unique strengths. We encourage you to grow by providing formal and informal development programs, coaching, and mentoring. We want you to ask questions, take chances, and explore the possible.

Benefits you'll receive:

Deloitte’s Total Rewards program reflects our continued commitment to lead from the front in everything we do — that’s why we take pride in offering a comprehensive variety of programs and resources to support your health and well-being needs. We provide the benefits, competitive compensation, and recognition to help sustain your efforts in making an impact that matters.

Corporate Citizenship:

Deloitte is led by a purpose: to make an impact that matters. This purpose defines who we are and extends to relationships with our clients, our people, and our communities. We believe that business has the power to inspire and transform. We focus on education, giving, skill-based volunteerism, and leadership to help drive positive social impact in our communities.
Education
  • Bachelor’s degree: a technology-related field, cybersecurity-related field, intelligence-related field, or equivalent education-related experience
Required Technical Experience
    • Minimum of 5 years of experience in security operations or threat intelligence; minimum of 2 years of experience in a management role
    • Understanding of host and network forensic artifacts and indicators of compromise
    • Understanding of cyber threats and how intelligence is used by security appliances and operators
    • Ability to quickly develop proficiency in utilizing Threat Intelligence Platform software such as ThreatConnect or Anomali or MISP
    • Experience leading the development and maintenance of technology systems
    • Experience working in information technology / cyber security for a large, complex enterprise and collaborating across teams
    • Experience working independently and geographically separate from some team members
    • Desire and ability to work in a dynamic, fast-paced environment
    • Ability to work from home during the 9am – 5pm hours ET as well as other times as needed to accommodate occasional operational needs given the global nature of the team.
Other Qualifications:
    • Intelligence Community background supporting report creation
    • Historical knowledge of major cyber threat actors and their malware families
    • Familiarity with Threat Intelligence Platform software such as ThreatConnect or Anomali
    • Membership in one or more formal or informal intelligence sharing groups
    • Background in applied statistics, data analysis for large data sets, and associated tools such as R
    • Strong familiarity with IT systems and networking
    • Development and coding experience
    • Ability to work in Arlington, VA as much as 2 days a week, Monday through Friday

Posted on : 2 years ago