Description:
Most importantly this individual must have good communication skills, including the ability to write and verbally articulate industry terminology, to successfully brief management and the program committee.
MAIN RESPONSIBILITIES:
- Work with our Studios, product teams and security leadership throughout the incident investigation cycle to ensure remediation, eradication and lessons learned are rolled back into daily operations.
- Generate reporting with a synthesized view of enterprise-wide, insider threat risks and impact
- Be responsible for the Security Operations Center team. Collaborate with senior leadership to develop, as necessary, follow-the-sun incident response capabilities
- Influence policies and develop procedures for all aspects of security operations, focusing on threat modeling, threat hunting, digital forensics and incident response, and vulnerability management.
- Develop and maintain documentation on Cyber Security Operations, incident playbook and runbooks, process workflow, incident handling and forensic response capabilities
- Use cloud security tools such as AWS Athena, AWS GuardDuty, AWS CloudWatch, AWS Lambda, and Splunk to record, monitor, and alert on security events.
- Probe and research security risks that directly impact players
- Research and provide guidance on emerging threats
- Develop and report on OKR's and performance indicators related to vulnerability management and incident management
- Conduct forensics analysis on artifacts collected during incident response.
- Hunt for incidents and identify environment-specific indicators of compromise
- Lead the continuous improvement of the digital forensics and incident response program
DESIRED SKILLS AND EXPERIENCE:
- Bachelor's degree or equivalent program in Computer Science, Computer Engineering, Electrical Engineering, Network Security, Information Security or Information Technology, (or equivalent work experience).
- Three years of people management experience.
- Experience with cloud security features and vulnerabilities and remediation
- Demonstrated ability in Insider threat, counter intelligence and or cyber security
- Ability and willingness to think outside of the box to find creative and innovative solutions to reduce costs with a minimal impact on reliability
- Experience assessing cybersecurity maturity and building multi-year roadmaps to advance maturity; familiarity with the MITRE ATT&CK and NIST CSF frameworks.
- Driven by Excellence – you are driven by our mission and our passion for player integrity which means you relentlessly pursue excellence, that you do not tolerate mediocrity and you work intensely to achieve your goals.
- Deep knowledge of SIEM, security tooling across the OSI stack, threat hunting, incident response, and incident management
- Experience leading cyber threat investigations and a keen understanding of the current cyber threat landscape.
- Experience leading a technical team, including Incident Response, Engineering or Forensics teams
- Experience leading incident response efforts and reporting to relevant partners. This should include hands-on experience completing malware analysis, memory analysis and disk forensic
- Experience mentoring and developing security engineers & analyst
- Automation experience using Python, JavaScript, or a similar language
- Extensive infrastructure & cloud networking and have applied this knowledge to full packet analysis