TIAA Senior Lead Cybersecurity Manager, Insider Threat in LEWISVILLE, Texas
TIAA is the leading provider of financial services in the academic, research, medical, cultural and government fields. We offer a wide range of financial solutions, including investing, banking, advice and education, and retirement services.
TIAA is looking for a passionate, self-driven Information Security Manager to lead our Insider threat team, investigating insider threat incidents, delivering insider threat analytics, and building automation in the insider threat field as part of our Cybersecurity Operations team.
You should be comfortable leading highly sensitive, complex, and confidential high-tech insider threat investigations into incidents of data loss and intellectual property theft, technology misuse, conflict of interest, and other policy violations. When potentially anomalous behavior is detected, the team is responsible for escalating the activity and working collaboratively with partners across the first and second lines of defense to determine the appropriate resolution of the matter. They need to be able to reach across teams to help drive understanding out of complex problems, keep a focused goal of producing intelligence, briefings, and recommendations for threat hunts and situations.
You will also be responsible for monitoring budgets and schedules for projects conducted by teams and ensures they are completed in a timely manner. You'll be asked to recruit, direct, motivate and develops staff, maximizing their individual contribution, their professional growth and their ability to function effectively with their colleagues as a team.
KEY RESPONSIBILITIES AND DUTIES:
Lead staff ofcybersecurity analysts, focusing on execution, planning, performance managementand staff development.
Providementorship and guidance to cybersecurity analysts, to help them develop intheir ability to recognize security incidents.
Drive largeincidents with multiple teams independently towards resolution, utilizingstandard investigative techniques to gather, analyze, and work with teams toprove or disprove the allegation(s) with data.
Brief internalcustomers (Information Technology, Human Resources, Legal, etc.) on relevantfindings on a need to know basis as determined by the sensitivity of theinvestigation or as mandated by the business.
Actively hunt forthreats in the environment and collaborate findings with a variety of highcaliber teams.
Conduct risk-basedanalysis of users and groups across the enterprise; develop investigativeaction plans based on findings.
Maintaineffective operational, coverage, and executive-level metrics.
Develop andmaintain standard operating procedures to reflect day-to-day operations.
Suggest new toolopportunities, methodologies, and improvements for hunting both insider orexternal threat-actors.
8 or more yearsof experience in at least one of the following areas; threat intelligence,threat hunting, data analysis, security monitoring, host or network forensics.
5 or more yearsof experience in managing, leading, and/or mentoring a team of individualcontributors
5 or more yearsof work with technical investigations/response, insider threats, or lawenforcement investigations.
5 or more yearsof experience working with at least one of the following enterprise securitysolutions: Security Information and Event Management, Data Loss Prevention,Endpoint Detection & Response, or UBA (User Behavior Analytics).
Specializedexperience in cyber incident response and cyber incident management
Analyticalability - The applicant should have experience identifying red flags,validating sources, and making judgment calls about the completeness andaccuracy of open source information
Excellent writingskills - The applicant should be familiar with legal and financial nomenclatureand be able to draft accurate, concise summaries.
Strategicplanning and resourcefulness - The applicant will be responsible for developinginvestigative plans and strategies for engagements and producing creativesolutions to challenging research problems
Experienceidentifying and managing work performed by subcontractors, includingnegotiating budgets and deadlines
Experienceworking with international colleagues and coordinating investigations acrosstime zones is a plus
Degree inmathematics, computer science, or other engineering discipline.
Stronginterpersonal skills, able to communicate with a wide range of technical andnon-technical partners.
Knowledge and/orexperience with the MITRE ATT&CK framework.
Standingrelationships with industry associations relevant to the position.
Equal Employment Opportunity is not just the law, it’s our commitment. Read more about the.
If you need assistance applying due to being visually or hearing impaired, please email.
We are an Equal Opportunity/Affirmative Action Employer. We will consider all qualified applicants for employment regardless of age, race, color, national origin, sex, religion, veteran status, disability, sexual orientation, gender identity, or any other legally protected status.
- Requisition ID: 1719976
Post Date: Jul 01, 2019
- TIAA Jobs