Cyber Threat Defense Leader

Company: Chemours
Location: Charleston
Posted on: November 20, 2022

Job Description:

As we create a colorful, capable and cleaner world through chemistry, we invite you to join our team to harness the power of chemistry to shape markets, redefine industries and improve lives for billions of people around the world. HELP SHAPE THE FUTURE OF CHEMISTRY AND THE WORLD From the frontline to the back office, every Chemours employee is part of something bigger than themselves as together we work to create a better world through the power of our chemistry. Chemours is a $6.3 billion company with a portfolio of products and processes that enable technologies and products that people use every day in their lives. From cellular phones to lower emission vehicles, to 5G communications and clean energy from hydrogen, were collaborating with customers to make these innovations more capable. Simply said, we use our chemistry to change lives, shape markets, and redefine industriesone improvement at a time. Chemours is seeking a Cyber Threat Defense Leader to join our growing Cyber Fusion Center team! This position will report directly to the Head of Cyber Threat Defense & Prevention in our Wilmington, DE or Remote location. As the Cyber Threat Defense Lead, this role will serve as a technical leader of the Cyber Threat Defense function within the Cyber Fusion Center by helping to facilitate the transformation of our current Security Operations Center (SOC) and the Chemours Incident Response Team (CIRT). This leader will have significant expertise and experience in operating and optimizing technical security controls and incident / event monitoring technologies and must have strong skills in managing and handling complex incidents and coordinating large numbers of participants through all phases of the NIST computer security incident handling process. The candidate must have strong skills in Microsoft O365, Data Loss Prevention (DLP), vulnerability scanning and patch management, operating system hardening, as well as experience with enterprise risk management and vendor relationship management. The responsibilities of the position include, but are not limited to, the following: + Lead Logging & monitoring, incident response, and continuous red team programs + Lead 24x7 SOC function by providing technical direction and organizing and negotiating the allocation of company and managed service resources in a matrix structure, across time zone and national boundaries in time of Cyber crisis and peacetime + Collect information on emerging TTPs and threats to the organization through communication with partner institutions, mailing lists, open source news, industry partnerships, etc. + Continuously improve by creating, measuring and updating Incident Response Runbooks and Playbooks + Contribute to planning, design, implementation, and updating or tuning of use cases in SIEM + Experience replicating common and emerging TTPs to support Red Team functions and other areas of the cyber fusion center + Define and manage KRI and KPI metrics to track and drive continuous improvement, including providing regular updates and reports to leadership + Work with multiple vendors to building strong business partnerships by managing expectations + Assist with information or Cyber security projects as needed + Create technical and high-level incident reports for various stakeholders The following is required for this role: + 5 years of experience in an IT role, with at least 3 in any of the following disciplines + Incident Management/Response + Penetration Testing / Adversary Emulation + Cyber Threat Intelligence + SANS Certifications: GCIH, GSOM, etc. + Working experience Detecting and analyze incidents, and coordinating activities with other stakeholders for containing an, eradicating threats, and recovering from incidents + Contribute to the integration of malware analysis, forensic investigation, and threat research into incident response and long-term understanding of threats + Understanding of basic pen testing and red-teaming concepts with working experience performing red team operations in an enterprise environment The following is preferred for this role: + Certifications with corresponding experience will be used as a differentiator: OSCP, OSCE, OSEP, CRTP, CRTE, CARTP, PACES, CRTO, etc. + Strong understanding of the MITRE ATT&CK Framework + Comfortable with SIEM Tools and various query languages: Splunk, ELK, Sentinel (KQL), etc. + Ability to operationalize various forms of threat intelligence (to support various areas of the cyber fusion center) + Conduct technical analysis against impacted systems to determine impact, scope, and recovery from active and potential cyber incidents Benefits: Competitive Compensation Comprehensive Benefits Packages 401(k) Match Employee Stock Purchase Program Tuition Reimbursement Commuter Benefits Learning and Development Opportunities Strong Inclusion and Diversity Initiatives Company-paid Volunteer Days Were a different kind of chemistry company because we see our people as our biggest assets. Instead of focusing just on what our employees do each day, we look at how they do itby taking a different approach to talent development, employee engagement, and culture. Our goal is to empower employees to be their best selves, at Chemours and in life. And were proud to be Certified by Great Place to Work. Learn more about Chemours and our culture by visiting Chemours.com/careers. (https://www.chemours.com/en/careers) Chemours is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, race, religion, color, gender, disability, national or ethnic origin, ancestry, marital status, family status, sexual orientation, gender identity or expression, or veteran status. Jurisdictions may have additional grounds for non-discrimination, and we comply with all applicable laws. Chemours is an E-Verify employer Candidates must be able to perform all duties listed with or without accommodation Immigration sponsorship (i.e., H1-B visa, F-1 visa (OPT), TN visa or any other non-immigrant status) is not currently available for this position At Chemours, you will find sustainability in our vision, our business and your future. If you want to work on the leading edge of your field and have a desire to make a difference, join Chemours and discover what it means when we say We Are Living Chemistry.

Keywords: Chemours, Charleston , Cyber Threat Defense Leader, Other , Charleston, West Virginia