Manager, Advance Cyber Threat, and Vulnerability Management
Company
Allison Transmission
Location
Indianapolis, IN
Type
Full Time
Job Description
Building cities. Driving commerce. Saving lives. For over 100 years, Allison Transmission has powered the vehicles and technology that move our world forward.
What powers us? Our employees. From the first person hired by James Allison in 1915 to the thousands across the globe who work for Allison today, we're driving progress everywhere because we employ top talent worldwide.
Learn more about this role and how you can begin driving your career forward!
Job Title:
Manager, Advance Cyber Threat, and Vulnerability Management
Job Description:
The Manager of Advance Cyber Threat and Vulnerability Management is responsible for executing our Information Security Strategy for Threat Hunting while continuing to develop and mature the existing Vulnerability Management program. The role is a hybrid of managerial and technical responsibilities. The ideal candidate will have experience in maturing Vulnerability Management programs and be versed in threat modelling, threat hunting, incident response, and penetration testing. This role will lead a team focused both on managing the end-to-end vulnerability lifecycle and on detecting, disrupting, and eradicating the presence of threat actors from our enterprise network.
Key Responsibilities:
- Manage team responsible for actively hunting for Indicators of Compromise (IOC) and APT Tactics, Techniques, and Procedures (TTP) across the enterprise network
- Develop the overall direction and strategy of the Cyber threat hunting, intelligence, detection, and response functions
- Lead team through the full threat hunting cycle, including developing EDR detection rules, making recommendations, and mitigating the effects caused by an incident
- Develop advanced queries and alerts to detect adversary actions
- Perform research, analysis, and response for alerts, including log retrieval and documentation
- Identify gaps in IT infrastructure by mimicking an attacker's behaviors and responses
- Review alerts generated by detection infrastructure for false positive alerts and modify alerts as needed
- Capture intelligence on threat actor TTPs and develop countermeasures in response to threat actors
- Partner with security and architecture peers to set direction for strategic countermeasures and new technology
- Lead incident response activities such as host triage and retrieval, malware analysis, remote system analysis, end-user interviews, and remediation efforts
- Collaborate with the SOC and IR teams to investigate major incidents
- Perform Root Cause Analysis of security incidents for further enhancement of alert catalog
- Continuously improve processes for use across multiple detection sets for more efficient Security Operations
- Develop dashboards and reports to identify potential threats, suspicious/anomalous activity, malware, etc.
- Design, evaluate, and implement new security technologies
- Develop maintenance program for Threat and Vulnerability Management tools
- Manage team responsible for the end-to-end vulnerability lifecycle management.
- Engage in stakeholder management
- Ensure team is providing excellent customer service and support
Qualifications Required:
- Bachelor's degree in Computer Science, Information Technology, Cyber Security, or related discipline.
- Must have one of the following certifications: SANS GCIH (GIAC Certified Incident Handler), SANS GCFA (GIAC Certified Forensic Analyst), SANS GCIA (GIAC Certified Intrusion Analyst), SANS GNFA (GIAC Network Forensic Analyst), SANS GWAPT (GIAC Web Application Pentester), SANS GPEN (GIAC Penetration Tester), Offensive Security Certified Professional (OSCP)
- Information Security Certification (CISSP, GSEC, GPEN, CEH, etc.) or other related security certification is highly desired.
Experience
Required:
- Minimum 2 years' experience leading or managing cybersecurity operations and/or incident response team.
- 5+ years of experience in a technical role in the areas of Security Operation, Vulnerability Management, Incident Response, Detection Engineering, Offensive Security/Red Team, or Cyber Threat Intelligence.
- Direct experience performing threat hunting in an active corporate environment.
- Experience analyzing system, network, and application logging for attack techniques at all stages of the cyber kill chain.
- Experience performing digital forensics or incident response on major security incidents.
- Demonstrated experience leading cybersecurity vulnerability management and analysis.
- Experience in vulnerability scanning, SIEM, penetration testing, advanced malware protection and/or mobile device management.
Preferred:
- Experience in IT controls monitoring for regulatory and compliance requirements like SOX, NIST, and DFARS is a plus.
Primary Location:
Indianapolis, IN
Additional Locations:
Allison Transmission is an equal opportunity employer. We have opportunities for all qualified applicants regardless of age, race, color, sex, religion, creed, national origin, disability, sexual orientation, gender identity/expression or veteran status.
If you are an individual with a disability or a disabled veteran requiring assistance and/or reasonable accommodations reviewing any of the careers information, please contact us at 317-242-5000.
Please note that Allison Transmission will make an offer of employment only to individuals who have applied for a position using our official application. Be on alert for possible fraudulent offers of employment. Allison Transmission will not solicit money or banking information from applicants.
Date Posted
03/02/2023