Head of Cyber Incident Response & Cyber Threat Mitigation Services

Head of Cyber Incident Response & Cyber Threat Mitigation Services

Position Overview

Do you want to be part of a collaborative team handling potentially challenging situations as a leader of our cyber incident response and threat mitigation? The ideal candidate demonstrates analytical skills, leadership, and curiosity in threat reduction efforts.

A qualified candidate should be a collaborative self-starter who has a combination of strong technical aptitude, knowledge of security attack methods/stages (e.g., MITRE), a strong mindset, strong written and oral communication and can also inspire and develop talent. They must partner across the firm to drive identification, containment, investigations, response and recovery. As part of Guardian, the successful candidate must live by the Guardian operating principles of thinking big & growing, accelerate operational excellence, wowing the consumer, and be able to lead through change with courage.

You have

• The knowledge, experience, length of education needed to accomplish the desired end results.
• 7+ years broad/deep technology experience including public clouds
• 3+ years of leader experience in a security role, preferably involving incident response
• Incident response methodologies and evidence handline
• Strong written and oral communication skills
• Experience working across functions including business, legal, HR, communications, IT.
• Analytical and curious attitude
• Knowledge of threat hunting and risk mitigation
• Knowledge of NIST CSF, MITRE, and others frameworks, malware analysis concepts, types of attacks and attackers, common vulnerabilities.
• Experience with financial services or regulated entities, US privacy regulations.
• Ability to think in a structured and creative manner to address cyber incidents
• Ability to process cyber threat intelligence and translate into actionable mitigation techniques and strategies.
• Ability to lead a diverse high performing team.
• Ability to accelerate impact and lead positive cyber security change.
• Good knowledge of SIEM tools (Splunk preferred) and logging/monitoring, insider and UBA concepts and application.
• BS/MS in relevant experience in cyber security and/or industry related certifications desired
• A continuous & lifelong learner.

You will

• Lead a team of cyber security incident response and threat mitigation engineering professionals.
• Be responsible for planning, design, operating Guardian’s cyber incident response and cyber threat mitigations operations across the areas.
• Run our Corporate Incident Response Team as related to cybersecurity – coordinating actions and responses across teams.
• Manage the plans, playbooks, quick reference guides necessary – and out-of-band communication plans.
• Engage with 1st line teams to develop muscle memory and ensure containment actions (shutdown authorities are clear).Coordinate with business continuity/disaster recovery teams to ensure integrated approach to large events.
• Be responsible for triaging & leading cyber security incidents advanced from the security operations center
• Manage third-party incident retainers and prepare for any future engagements.
• Participate-in / coordinate periodic exercises with third-parties.
• Ensure quality of security incident handling and cyber threat mitigation work.
• Ensure incidents are appropriately tracked, reported and after-action reports documented. Ensure metrics are timely and accurate.
• Drive our user behavior analytics (UBA) program working with the business to develop and improve appropriate logging monitoring. Develop standard operating procedures for our 1st line SOC based on threats/observed incidents.
• Proactively identify gaps and opportunities in our logging and monitoring processes.
• Host monthly incident response calibration/collaboration meetings across HR, physical security, fraud, legal, compliance to collaborate on issues and shared threats and knowledge
• Communicate to various levels of the organization, both written and oral concisely and clearly.
• Provide strong technical understanding of security control monitoring process at different layers.
• Identify (and champion where applicable) risk mitigation.
• Collaborate with other leaders across cybersecurity to help define and complete cybersecurity strategy, financial, vendor and talent management.
• Contribute to the enterprise organizational Data Loss Prevention program
• Lead, manage, guide, and mentor the staff on a regular basis, including selection/retention, goal setting, annual reviews, and compensation planning and career development.
• Provide recommendations to management & leadership team to increase effectiveness of security technology solutions to mitigate cyber threats and handle incidents.
• Respond to and assist with due diligence and internal / external security audit requests.
• Identify and act on opportunities to further enhance and refine security incident handling & cyber threat mitigation processes & capabilities.

Location and Travel

• Three days a week at a Guardian office in New York, NY. or Holmdel, NJ
• 20% travel to other Guardian Offices as needed

Salary Range:

The salary range reflected above is a good faith estimate of base pay for the primary location of the position. The salary for this position ultimately will be determined based on the education, experience, knowledge, and abilities of the successful candidate. In addition to salary, this role may also be eligible for annual, sales, or other incentive compensation.

Our Promise

At Guardian, you’ll have the support and flexibility to achieve your professional and personal goals.  Through skill-building, leadership development and philanthropic opportunities, we provide opportunities to build communities and grow your career, surrounded by diverse colleagues with high ethical standards.

Inspire Well-Being

As part of Guardian’s Purpose – to inspire well-being – we are committed to offering contemporary, supportive, flexible, and inclusive benefits and resources to our colleagues. Explore our company benefits at www.guardianlife.com/careers/corporate/benefits. Benefits apply to full-time eligible employees. Interns are not eligible for most Company benefits.

Equal Employment Opportunity

Guardian is an equal opportunity employer. All qualified applicants will be considered for employment without regard to age, race, color, creed, religion, sex, affectional or sexual orientation, national origin, ancestry, marital status, disability, military or veteran status, or any other classification protected by applicable law.

Accommodations

Guardian is committed to providing access, equal opportunity and reasonable accommodation for individuals with disabilities in employment, its services, programs, and activities. Guardian also provides reasonable accommodations to qualified job applicants (and employees) to accommodate the individual's known limitations related to pregnancy, childbirth, or related medical conditions, unless doing so would create an undue hardship. If reasonable accommodation is needed to participate in the job application or interview process, to perform essential job functions, and/or to receive other benefits and privileges of employment, please contact [email protected]. Please note: this resource is for accommodation requests only. For all other inquires related to your application and careers at Guardian, refer to the Guardian Careers site.

Visa Sponsorship

Guardian is not currently or in the foreseeable future sponsoring employment visas. In order to be a successful applicant. you must be legally authorized to work in the United States, without the need for employer sponsorship.

Notice Regarding Guardian’s Use of Artificial Intelligence in Recruitment

As part of Guardian’s job application process, Guardian may use artificial intelligence tools (“AI Tools) to automate the sorting and filtering of information provided by applicants as part of its preliminary screening. This preliminary screening may be used to help identify applicant materials and resumes relative to their indication that the applicant meets the requirements for the specific job for which they are applying, as specified in the listing posted on Guardian’s jobs website (Careers at Guardian at https://www.guardianlife.com/careers). At Guardian, we do not use AI Tools to substantially assist or replace human judgment or discretionary decision making in our hiring process. All hiring decisions will be made by Guardian colleagues.

Please be aware that if you apply for a specific position with Guardian, you will have the choice of opting out of Guardian’s use of AI Tools during the job application process. If you would like to request an alternative process that does not utilize AI Tools or would like to request a reasonable accommodation, within ten business days of your position application, you must email your request to [email protected], making sure to provide your name and job requisition identification number. Guardian will retain your applicant materials and resume and all information therefrom in accordance with Guardian’s document retention policy, a copy of which you may request via [email protected].

Additionally, at applicable times, Guardian will make public the most recent bias audit results for such AI tools, which may be found here. 

Current Guardian Colleagues: Please apply through the internal Jobs Hub in Workday.