Teradata Information Security Investigations and Response in San Diego, California


If you want to be a key part of establishing and growing a large, global cloud consulting organization, then this opportunity may be for you. Teradata Corporation is a leader in delivering high-power analytics to companies driving improved results and transformational capabilities. Our corporate security team is at the heart of ensuring we deliver our analytics solutions to our customers’ analytic ecosystems wherever they deploy our technology (on premises, managed cloud or public cloud). We are actively driving toward next-generation service capabilities, building on our already best-in-class services and consultants. We are helping customers determine how to maximize the opportunities enabled by cloud and how to successfully navigate towards the cloud mandates that many of our large, global customers have in place.

The Principal of Information Security Investigations and Response will leverage broad technical knowledge of security practices and experience in managing enterprise investigations. This is a global role with overall responsibility for Incident Operations Orchestration, Investigations and Response, working closely with partners across the organization to ensure proper procedures are being used to comply with the Federal Rules of Civil Procedure. This role requires deep technical expertise and experience managing these security disciplines.

This position will work with the technical teams to create technology requirements and manage the implementation of orchestration and incident management technologies. It will implement and operationalize those technologies to provide intelligent automated responses to typical attacks, and processes to properly escalate and investigate more sophisticated attacks. The position is responsible for Investigations, Incident Response, and Threat & Malware Analysis.

The ideal candidate will have experience managing incidents across wide-scale enterprises with different geo locations, laws and cultures, and a proven track record of creating an agile incident response plan that can easily adjust to different situations, establishing and training the incident response team, creating response scenario procedures for different types of attacks, and leading the team through desktop training. In the event of an actual event, the effectiveness of the leader will be determined by how well the cross-team functions, how well it uses the procedures and training created, and the outcome of the investigation. As a key member of the security leadership team, the successful candidate will bring flexibility and broad knowledge of security processes, along with strong communication and collaboration skills.

Key Areas of Responsibility

Provide hands-on expertise over the following areas of information security:

Operations Orchestration

  • Implement technologies to analyze diverse sources of threat intelligence and alerts

  • Implement processes and procedures to correlate the disparate sources of information into a single view of the situation

  • Determine whether an event is an actual attack or a false positive

  • Use automation to react to typical attacks

  • Create alerts for attacks that cannot be handled through automation

  • Document each attack and disposition

Investigations and Response

  • Experience in information security incident response and operational management

  • Working knowledge of Federal Rules of Civil Procedure

  • Analyze and report cyber threats as well as assist in deterring, identifying, monitoring, investigating and analyzing computer network intrusions

  • Develop and maintain incident response plan & scenarios

  • Lead incident response team

  • Provide training for incident response team

  • Test incident response capabilities

  • Additional duties include providing intrusion support to high technology investigations in the form of computer evidence seizure, computer forensic analysis, data recovery, and network assessments.


  • BS degree in related field preferred. Equivalent experience/certification acceptable.

  • 7+ years of demonstrated technical knowledge in information security, security operations and investigations

  • Industry certifications such as CISSP, CCSP, CEH, PMP, GCIH, GSEC

  • Experience managing outsourced security operations

  • Proven track record of security leadership in investigations and identity management

  • Excellent analytical, troubleshooting & interpersonal skills

  • Strong verbal and written communication skills

  • Self-motivated and able to work independently

  • Effective communication skills to translate technical risks and exposures to a business perspective - formal reports and/or presentations

  • Requires the ability to travel internationally (15% - 30%) and the ability to work within a 24x7 environment.