Manager, Security Operations - Detection

Gurgaon, India
Main Location
Bellevue, WA, United States
Open jobs

Are you someone who has solid background in the information security profession with a passion for protecting an organization’s computers, networks and data against computer viruses, security breaches and malicious attack? If so, we want to talk with you. As a Security Operations Manager, you’ll be a key leader of a growing team chartered with improving and maturing the security poster of Expedia Group while protecting corporate & traveler’s data. Your work will be instrumental in, not only, improving the security of company but testing cycle times but also in ensuring that all solutions complement one another and function seamlessly.

The ideal candidate would be open to new challenges, be extremely good at multi-tasking, be innovative, creative, disciplined and an outstanding teammate. The candidate would be comfortable driving continuous process improvement and collaborating effectively across teams to take on problems and implement new solutions.

What You’ll Do
  • You’ll be responsible to maintain and enhance when needed the overall daily operations of the Enterprise Risk & Security team providing 24/7 security support.
  • Lead Security personnel in the monitoring and management of security processes and technologies that reduce or remove security related risk in support of the enterprise and in compliance with regulatory requirements.
  • You will lead the activities of the security and threat detection departments.
  • You’ll support all aspects of a security event monitoring and incident response process.
  • You will seek continuous improvement of security events and proactively oversees research to identify emerging threats.
  • You’ll serve as domain expert on Detection Operations technologies, provide recommendations on new/emerging technologies, and ensure proper operation of all security systems and process.
  • Ensure that Detection Operations staff are properly trained on applicable systems.
  • Coordinate the development, delivery, and documentation of training programs and ensure staff maintains compliance with required training.
  • Assist with audits and create incident reports when needed ensuring information is concise and accurate and is application to security protocols.
  • Work with leadership to implement and maintain standards and procedures to drive efficiencies and security objectives.
  • Interface with Business Unit and Corporate group leadership to provide an understanding of current threats targeting their environments and what security measures are currently mitigating these threats.
  • Responsible for security event monitoring, forensic investigations and incident response as well as identifying new detection and investigative techniques/solutions.
  • Oversee network traffic and security events to identify malicious activity.
  • Coordinate with other members of the Cyber Security Services Team to ensure team cohesiveness.
  • Coordinate with Business Unit and Corporate teams to provide remediation recommendations and mitigate security threat findings.
  • Lead Cyber Security Incident Handling when necessary.
  • Provide audit and compliance request from internal and external entities with data as needed.
  • Provides support for security-related projects as assigned
Who You Are

You’ll fit this role if you have:

  • Bachelor’s Degree or equivalent level job experience in Information Security
  • 5+ years in Security Operations/Incident Response
  • Advance knowledge of networking, security architecture and security best practices.
  • Advance level data analysis experience with WAF, IDS/IPS, Full Packet Capture and Host/Network/Memory Forensics
  • Advance knowledge with the development of security policies, procedures, guidelines, etc.
  • Enterprise-level experience performing incident triage, analysis, incident response, and remediation for computer network intrusions, web application and server attacks, insider threats, and malware infections.
  • Extensive understanding of the life cycle of cyber threats, attacks, attack vectors and methods of exploitation.
  • In-depth experience reviewing and creating timelines high volumes of logs, network data, attack artifacts, security events and device logs from large corporate LAN/WAN network devices including Firewalls/Switches/Routers, Databases, Anti-Virus, Intrusion Detection Systems (IDS), Web Proxys, and Domain Name Servers (DNS)
  • In-depth experience developing content in enterprise SIEM (Security Information and Event Managers) platforms
  • Knowledge of adversary activities in cyber security with an understanding of intrusion set tactics, techniques, and procedures
  • Excellent verbal and written communication skills.
  • Able to work with sensitive materials and employee information and maintain confidentiality at all times.
We're a community of women leveraging our connections into top companies to help underrepresented women get the roles they've always deserved. Simultaneously, we work to build truly inclusive hiring processes and environments where women can thrive and not just survive.
Are you hiring? Join our platform for diversifiying your team