Manager, Cyber Security - Offensive (Remote)

With a focus on Mobility, Operational Excellence, Value to our Customers and the Electrification of vehicles, you can expect to be part of something exciting. From the sleek design of our vehicles to the unique opportunities we offer around the globe, Nissan exemplifies ingenuity in everything we do. Our people are what drive the business forward.

We are currently looking for a Manager, Cyber Security - Offensive (Remote) to join our team in Franklin, TN. This role will be responsible for leading the Security Offensive Team across the Americas to identify, protect, detect, respond, and recover from cybersecurity threats.

The information security manager is primarily responsible for providing leadership, as well as operational and tactical direction to diverse teams, including analysts, engineers and architects. The security manager provides strategic direction, but at the direction of the InfoSec Senior Manager and / or CISO. The security manager leads the team through the information security program by establishing highly effective policies, corporate protocols and appropriate collaboration among teams. In addition, this leader assumes responsibility for the education and enforcement of those protocols and matters of compliance.

The security manager possesses a strong technical background and understands risk, mitigation and technical controls. The manager is expected to lead teams that perform technical work, and must possess leadership qualities.

The cybersecurity offensive team must continually adapt to stay a step ahead of cyber attackers and stay up to date on the latest methods attackers use to infiltrate computer systems. The Manager of this team is expected to consistently learn and grow with the team. This is not a passive career opportunity, but rather one that requires a passion for security and rigor to protect the business

The cybersecurity offensive team must constantly search for system and application weaknesses to exploit. The team must collaborate with others on the team for IS/IT remediation and additional validation, as well as contribute to other collaborative approaches driven by the security team strategy.

The cybersecurity threat intelligence functional role is responsible for conducting in-depth research, documenting threats, understanding the risk to the business, and sharing information with those who need to know. Among the research conducted, the analyst will seek to uncover patterns and trends and be forward-thinking as to how threats may evolve. Furthermore, the analyst will participate in simulation exercises designed to uncover weaknesses related to threats, with the goal of implementing defensive solutions prior to attacks and disrupting attacks in progress. The analyst will also distill threat intelligence so technical and non-technical contacts can understand it and make educated decisions about next-step actions.

Duties and Responsibilities

• Analyzes technologies and establishes highly effective processes and protocols to ensure comprehensive protection exists to prevent unauthorized entry into the company networks and systems.
• Supports automation and orchestration to maximize team talent and reduce routine tasks.
• Actively recruits and leads by example to create a culture where employees want to work.
• Mentors security team and places a heavy emphasis on employee retention - people, first.
• Conducts independent verification and validation testing of the company networks and sensitive programs through internal team resources and independent consultant engagements.
• Leads the team to implement secure enterprise systems and identifies issues that could compromise data integrity or security.
• Develops IT security programs and recommends necessary changes to the information security team to ensure the company's systems are fully compliant with all applicable regulatory requirements and privacy laws.
• Facilitates third-party audit reviews of internal departments.
• Provides periodic training to company employees on information security topics.
• Participates in the company's change management program.
• Stays abreast of the security industry threat landscape, specifically within the company's industry.
• Recognizes his/her personal developmental needs and is proactive in obtaining the coaching, networking and training needed to ensure his/her continued success in the position.
• Creates a working environment that is conducive to two-way communication, teamwork and learning.
• Recognizes the varying strengths, skills and needs of the team and adapts his/her coaching skills to obtain the best possible results from each individual contributor.
• Openly supports the organization, the management team and executive leadership team, even during times of adversity.
• Utilizes open communication and managerial courage to ensure the standards, expectations and goals of the organization are respected and upheld.
• Acts as a change agent and drives the department and business forward using effective management, analysis and strategic skills.
• Leads security-related projects from inception to successful completion and is capable of effectively coaching technology staff on appropriate security protocols and needs as they implement new technology into the organization.
• Assumes responsibility for other duties as required or assigned.

Qualifications

Education

• Bachelors or Equivalent Experience in a relevant field

Specialized Knowledge

• Working knowledge NIST, ISO, FIPS, GDPR, CMMC, DFARS, PCI-DSS, CCPA, NYDFS
• Cloud Security
• Identity and Access Management (IAM)
• Network Security
• Database Security
• Application Security

Skills

• Strong written and verbal communication skills across all levels of the organization.
• Applicable knowledge of adversary tactics, techniques and procedures (TTPs), MITRE ATT&ACK framework, CVSS, open source intelligence (OSINT) and deception techniques.
• Demonstrated ability to investigate, handle and track incidents.
• Proficient in SIEM, intrusion detection and prevention systems (IDS/IPS), threat intelligence platforms and security orchestration, automation and response (SOAR) solutions to centralize and manage incident and remediation workflow.
• Ability to analyze incident logs, assess malware, and understand vulnerabilities and exploits, along with strong operating systems knowledge.
• Experience in incident handling, vulnerability management, hacking tools, intelligence gathering and kill chain methodology.
• Proven threat hunting experience and ability to track adversaries.
• Demonstrated experience conducting tabletop exercises and adversary emulation.
• Capable of working with diverse teams and promoting an enterprise-wide positive security culture.
• Ability to maintain a high level of integrity, trustworthiness and confidence, with the highest level of professionalism.
• Strong project management, multitasking and organizational skills.
• Proficient with Python, PowerShell and Bash.
• Ability to preserve credibility with the team and external constituents through sustained industry knowledge.
• Ability to motivate teammates to achieve excellence and willingly shares knowledge.
• Demonstrated understanding and comprehension of a wide range of network and host cybersecurity solutions.
• Competent with testing frameworks and tools such as Burp Suite, Metasploit, Cobalt Strike, Kali Linux, Nessus, PowerShell Empire and AutoSploit.
• Experience conducting penetration-testing/red team engagements as a consultant or within a previous role in a professional organization.
• Strong operating system knowledge across *nix, Windows and Mac; proficient with networking protocols.
• Ability to obtain and maintain persistence within corporate systems, while avoiding detection.

Leadership Skills

• Demonstrates strong written and oral communication skills.
• Understands service design and delivery concepts.
• Demonstrates solid organizational skills and the ability to multi-task, prioritize workload and delegate responsibilities.
• Effectively manages stress in a constantly changing environment.
• Leverages subject matter expertise in security and compliance.
• Demonstrates excellent judgment and the ability to make quick decisions and think outside the box when working with complex situations.
• Demonstrates a high level of flexibility.
• Is forward thinking and possesses business acumen.
• Possesses a high level of integrity, trustworthiness and confidence, and represents the company and its management team at the highest level of professionalism.
• Demonstrates strong analytical skills and is effective at interpreting and applying applicable regulation.
• Works effectively with a variety of personalities and can adapt his/her approach to effectively reach and develop his/her team. Uses this skill as well as his/her functional knowledge to both earn and maintain a high level of credibility with the team.

Other Characteristics (e.g. personal characteristics)

• Self-motivated-ability to get yourself going and take charge of what's next for you.
• Integrity-you will hold yourself to the highest ethical standards and comply with all company policies, laws, and regulations. You will make management aware when you observe violations of company policy, law, or regulations.

Professional Certifications

• CISSP, GCTI, GCFE,GCIH, GREM, OSCP preferred, but not required.

Relevant Work Experience

• 7+ years of cybersecurity risk management and/or IT experience.
• 5+ years of cybersecurity or information technology practitioner experience.
• 5+ years of related security systems administration with endpoint, network, application and host-based security solutions.
• At least two years cloud computing (e.g., Amazon Web Services, Google Cloud Platform or Microsoft Azure) security configuration and management experience preferred.

Direct Reports

This position does have direct reports

Welcome to an open lane of possibility. Drive your career forward and join the company leading the technology and business evolution of the automotive industry by applying today.

Nissan is committed to a drug-free workplace. All employment is contingent upon successful completion of a drug screen for roles based in the United States and background screening for all positions.

All of us at Nissan - regardless of functional area or expertise - share a passion to design, manufacture, and sell high-performance vehicles. It is Nissan's policy to provide Equal Employment Opportunity (EEO) to all persons regardless of race, gender, military status, disability, or any other status protected by law. Candidates for this position must be legally authorized to work in the United States and will be required to provide proof of employment eligibility at the time of hire; Nissan uses E-Verify to validate employment eligibility. **Visa sponsorship for this position is not available at this time. **

Salary Range Estimate: Annual Salary: ($84,433 to $173,070). This compensation range represents the minimum and maximum base salary rates at Nissan for jobs assigned to this particular grade level. Please note that it is uncommon for an employee to be placed at either end of the range. Rather, an employee's actual base salary generally may fall somewhere in between and reflect the employee's unique skills, work experience, education, work location, and market norms. Additionally, pay may be based on comparisons to the base salary rates of other employees with similar backgrounds working in comparable roles.

NISSAN FOR EVERYONE

People are our most valuable assets, and diversity and inclusion are the key to maximizing the power of each individual member of our team. When everyone belongs, the power of NISSAN is undeniable. Our Corporate Diversity Initiative aims to improve business results by ensuring that our workplace and core businesses meet the unique needs of our employees and customer base.

Nissan is committed to creating a culture where everyone belongs and employees, customers, and partners feel respected, valued, and heard. We have over 10 Business Synergy Teams (BSTs) across the U.S. and Canada that connect employees - with shared characteristics or interests - build allies, and foster a company culture where all employees feel supported and included.

Nissan also values inclusion in all areas of our business as we strive to mirror the diversity of our customer base and the communities where we do business. We are committed to procuring innovative goods and services, retailing our products and communicating from a diverse perspective which will help us continue to offer our customers competitively designed, market-driven products.

Join us as we carry our commitment to diversity and inclusion into the future.

Franklin Tennessee United States of America