Senior Manager Threat Response

Overview

Want to lead the ongoing operations and maturation of the Threat Response program for a Fortune 200 Company, providing strategic direction to improve existing capabilities? We want to speak with you!

The scope of the role will include people, policy, process, technology, and Managed Service Provider governance, requiring engagement with both technical and non-technical business partners from across the corporation. We are looking for a Senior Manager Threat Response in Richmond, VA but are open to a remote work arrangement.

What you will be doing• Lead a team of cyber security experts that deliver Altria's Threat Response capabilities, consisting of Cyber Threat Intelligence, OT Threat Response, and Computer Security Incident Response. Providing direction to ensure continuous improvement, and alignment to strategic risk reduction objectives.• Lead all enterprise Cyber Crisis Management planning and training exercises. • Providing strategic thought leadership and recommendations to drive maturity of the overall programs through improvements to the threat response function.• Collaborate with your peers in the overall Threat Detection and Response function, Managed Service Providers, Business Stakeholders, and others within the IT Risk Management department to qualify the risk of identified threats and provide timely recommendations to mitigate the risk.• Lead the planning and delivery of IT application, infrastructure, and process projects in support of continuous improvement and ongoing enhancements to the threat response function.• Provide input into the strategic roadmap and multiyear planning for Threat Response. Drive the execution of improvements in alignment with Altria's architectural and overall security strategies.• Provide ongoing governance over Managed Service Providers, ensuring a metric driven approach to reporting to drive risk reduction and service delivery improvements.• Manage Threat Response related budgets and forecasts through the annual budgeting cycle• Lead your personnel effectively, developing individual and organizational capability, managing resources, and providing guidance/direction to achieve organizational objectives.

We want you to have

Required:• 10+ years in an information security role and 6+ years of related experience with Security Incident Response; inclusive of cyber crisis management.• Expert knowledge of security incident response and incident handling techniques.• Experience coordinating large scale incident response activities.• Detailed and deep understanding of threat actor tactics, techniques, and procedures.• Detailed understanding of IT and OT security concepts and Defense-in-Depth practices.• Broad knowledge of Cloud Solutions (IaaS, PaaS, SaaS), IT technologies, operating systems, applications, and network security platforms; including, Security Information and Event Management (SIEM) systems such as QRadar and Sentinel.• Strong verbal/written communication, with ability to communicate effectively with individuals at all levels of responsibility and authority; ability to prioritize, lead/support an environment driven by customer service and teamwork; Strong trouble-shooting and organizational skills; ability to participate in resource planning processes based on defined organizational plans.

Preferred:• BS in Cyber Security, Information Systems, Information Technology, Computer Science, or equivalent experience.• Experience with:• Defining and building enterprise cyber crisis management plans• Defining threat response strategies to incorporate cyber threat intelligence into organizational response and detection capabilities.• Defining security strategy for SOAR implementation• MITRE ATT&CK framework and using it to improve detection capabilities• Endpoint Detection and Response (EDR) solutions.• Working in an Azure cloud environment including security solutions such as Sentinel and QRadar.• Certified Information System Security Professional (CISSP) certification and GIAC Certified Incident Handler (GCIH).

In addition to the opportunity to apply and develop your skills toward key business objectives, we offer an excellent compensation package including a competitive base salary, comprehensive health/vision/dental insurance, participation in our incentive compensation and deferred profit-sharing programs, as well as a relocation assistance package.

Company Overview

Altria has a leading portfolio of tobacco products for U.S. tobacco consumers 21+. Our tobacco companies - which have been the undisputed market leaders in the U.S. tobacco industry for decades - include some of the most enduring names in American business. In combustibles, we own Philip Morris USA, the maker of Marlboro cigarettes and John Middleton, manufacturer of Black & Mild cigars. Our smoke-free portfolio includes ownership of U.S. Smokeless Tobacco Company, the maker of Copenhagen and Skoal, and Helix Innovations, the maker of on! oral nicotine pouches. Additionally, we have a majority-owned joint venture with JT Group, Horizon Innovations, for the U.S. marketing and commercialization of heated tobacco stick products. Through a separate agreement with Philip Morris International, we have the exclusive U.S. commercialization rights to the IQOS* Tobacco Heating System® and Marlboro HeatSticks® through April 2024. Our equity investments include Anheuser-Busch InBev SA/NV, the world's largest brewer and Cronos Group, a leading Canadian cannabinoid company. Each Altria company is an equal opportunity employer. We are committed to providing individuals with criminal records, including formerly incarcerated individuals and individuals with conviction records, a fair chance at employment. Learn more about Altria at www.altria.com and follow us on Twitter, Facebook and LinkedIn