Teradata Information Security Investigations and Response in San Diego, California
If you want to be a key part of establishing and growing a large, global cloud consulting organization, then this opportunity may be for you. Teradata Corporation is a leader in delivering high power analytics to companies driving improved results and transformational capabilities. Our corporate security team is at the heart of ensuring we deliver our analytics solutions to our customers’ analytic ecosystems wherever they deploy our technology (on premises, managed cloud or public cloud). We are actively driving toward next generation service capabilities building on our already best in class services and consultants. We are helping customers determine how to maximize the opportunities enabled by cloud and how to successfully navigate towards the cloud mandates that many of our large, global customers have in place.
The Principal of Information Security Investigations and Response will leverage broad technical knowledge of security practices and experience in managing enterprise investigations. This is a global role with overall responsibility for Incident Operations Orchestration, Investigations and Response, and working closely with partners across the organization to ensure proper procedures are being used to comply with Federal Rules of Civil Procedure. This role requires deep technical expertise and experience managing these security disciplines.
This position will work with the technical teams to create technology requirements to manage implementation of orchestration and incident management technologies. Implement and operationalize those technologies to provide intelligent automated responses to typical attacks and processes to properly escalate and investigate more sophisticated attacks. Responsible for Investigations, Incident Response, and Threat & Malware Analysis.
The ideal candidate will have experience managing incidents across wide scale enterprises with different geo locations, laws and cultures. The candidate will have a proven track record of creating an agile incident response plan that can easily adjust to different situations, establishing and training the incident response team, creating response scenario procedures for different types of attacks and leading the team through desk top training. In the event of an actual event, the effectiveness of the leader will be determined by how well the cross-team functions, uses the procedures and training created, and the outcome of the investigation. As a key member of the security leadership team, the successful candidate will bring flexibility and broad knowledge of security processes, along with strong communication and collaboration skills.
Key Areas of Responsibility
Provide hands-on expertise over the following areas of information security:
Implement technologies to analyze diverse sources of threat intelligence and alerts
Implement processes and procedures to correlate the disparate sources of information into a single view of the situation
Determine whether an event is an actual attack or a false positive
Use automation to react to typical attacks
Create alerts for attacks that cannot be handled through automation
Document each attack and disposition
Investigations and Response
Experience in information security incident response and operational management
Working knowledge of Federal Rules of Civil Procedure
Analyze and report cyber threats as well as assist in deterring, identifying, monitoring, investigating and analyzing computer network intrusions
Develop and maintain incident response plan & scenarios
Lead incident response team
Provide training for incident response team
Test incident response capabilities
Additional duties include providing intrusion support to high technology investigations in the form of computer evidence seizure, computer forensic analysis, data recovery, and network assessments.
BS degree in related field preferred. Equivalent experience/certification acceptable.
7+ years of demonstrated technical knowledge in information security, security operations and investigations
Industry certifications such as CISSP, CCSP, CEH, PMP, GCIH, GSEC
Experience managing outsourced security operations
Proven track record of security leadership in investigations and identity management
Excellent analytical, troubleshooting & interpersonal skills
Strong verbal and written communication skills
Self-motivated and able to work independently
Effective communication skills to translate technical risks and exposures to a business perspective - formal reports and/or presentations
Requires the ability to travel internationally (15% - 30%) and the ability to work within a 24x7 environment.