JOB SCOPE

Manage the 24x7 Security Operations Center for Charter's commercial and residential customer facing infrastructure (e.g. High Speed Internet, Voice, Mobile, Video, WiFi, Community Solutions, and Television stations) and associated technologies. Manages Tier II-IV Security Engineers to proactively identify, protect and respond to security incidents according to Charter's Incident Response Plan and Playbooks. Continually evaluates security operational strategies and identifies and develops requirements for new operational security counter-measures, leading the organization in their deployment. Advises Network Operations leadership of security operations status.

DUTIES AND RESPONSIBILITIES
- Manages processes and controls that acquire and correlate security relevant system and application log data into Charter's SIEM.
- Oversees, coordinates and controls the management of cyber incidents.
- Manages the execution of security counter-measures to reduce mean time to remediate for security events.
- Leads Threat Hunting and Detection Engineering efforts to identify threat vectors, develop use cases for security monitoring and execute Threat Hunts.
- Continuously drive the implementation of automation capabilities utilizing Security Orchestration and Automated Response (SOAR) capabilities.
- Creation of reports, dashboards and metrics for Security Operations and executive reporting.
- Actively and consistently support all efforts to simplify and enhance the customer experience
- Performs other duties as requested.
- BA/BS in Information Technology, Computer Science, MIS or related field or equivalent work experience
- Minimum seven (7) years of IT or Network work experience
- Minimum five (5) years of Security experience
- Minimum four (4) years of experience in managing information security functions that perform monitoring and incident response
- Minimum of three (3) years of supervisory experience within Security Operations
- Position requires in-depth knowledge of network and system security vulnerabilities and exploits.
- Understanding of how to detect security attacks and anomalies and how to respond to security incidents and intrusions
- Knowledge of forensic methodologies and best practices to investigate intrusions, preserve evidence and coordinate a unified security response
- Demonstrated experience in managing information security events and incidents for large and sophisticated networks
- Demonstrated leadership capabilities with the ability to work across functional boundaries, build consensus and drive results
- Ability to read, write and speak the English language to communicate with employees, customers, suppliers, in person, on the phone, and by written communications in a clear, straight-forward, and professional manner.
- Strong written and verbal communication skills and good presentation skills
- A problem solver, able to balance competing priorities, strong process orientation and ability to manage through complexity and rapid change
- After Hours work required during critical security incidents
- Minimal travel is required to participate in industry events
- Previous experience managing a Security Operations team
- Current security certifications, such as CISSP, Certified Information Security Manager (CISM), GIAC Certified Security Expert, Incident Handler or Forensics Analyst or similar