Manager, Cybersecurity Operations (Threat Detection & Response)

Overview

This job helps REI succeed by managing Cybersecurity Security Operations services. It is responsible for proactive threat hunting and continuous event and incident monitoring and response. Provides direction to the team, sets work priorities, and works to improve proactive threat hunting and response. Ensures security events and alerts are triaged and responded to quickly to deliver top service and meet or exceed SLAs. Builds and institutionalizes SOC processes and keeps improving them for smooth service delivery. Contributes to and enforces departmental strategies, policies, and standards. Ensures team commitments are tracked, managed, and meet or exceed expectations. Maintains high-quality products and services to help keep REI’s market-leading advantage. Models and acts according to REI’s guiding values and mission.

Responsibilities and Qualifications:

• Leading the Way (team leadership, coaching and development responsibilities for this “manager of staff”)

Identifies and communicates key responsibilities and practices.

• Ensures the organization promotes a successful attitude, confidence in leadership, and teamwork to achieve business results.
• Supports the implementation of company programs, procedures, methods and practices to promote REI key messages.

Challenges and inspires employees to achieve business results.

• Ensures employees adhere to legal and operational compliance requirements.
• Oversees training and development of employees directly and indirectly managed and makes effective staffing selections.
• Conducts and ensures the completion of performance reviews.
• Provides coaching, direction and leadership support to employees in order to achieve department, company and customer results.
• Establishes and maintains visibility within the department.
• Monitors operational statistics, reports trends, variances and issues, and takes appropriate action.

Your Planning & Navigating Requirements (the plans the job creates and executes, and how the job ensures implementation)

• Develops long-term plans to ensure that information security resource capacity meets current and future enterprise needs.
• Communicates and collaborates with all other IT disciplines regarding Information Security performance issues, and solution design, development, implementation and evaluation.
• Contributes to division strategic planning.

Applies current knowledge and future vision of technology and systems. This work significantly impacts effective business process execution.

• Assists business areas in identifying current and future information services needs.
• Collaborates with other department managers to identify business needs.
• Plans, schedules, and coordinates work.
• Ensures integration of business needs and information technology solutions.
• Communicates with team regarding policies and procedures, projects and activities in other groups.
• Follows the governance process for technology projects, ensuring that project goals and recommendations are based upon business priorities.
• Prepares budget recommendations for staffing needs, costs of equipment and tools, maintenance, and future projects.
• Creates and maintains staffing plans.
• Ensures the team is trained and staffed for the projected workload, using internal staff and outsourcing.

Makes recommendations to management about long-term contractors or adding staff.

• Provides management with accurate, timely and relevant information about the status of projects, personnel and activities within the team.
• Performs basic line supervision, including hiring and firing. Conducts performance reviews and sets performance goals. Handles promotions and salary increases. Develops subordinates and manages performance and discipline.

Keeps abreast of technology changes and innovations in the information technology field.

• Manages or coordinates vendor relationships and contracts for products, services and support.
• Analyzes, assesses and recommends improvements in programs and practices to ensure compliance with regulatory and internal controls.

Required Skills & Experience Bachelor’s degree in computer science or business administration, or equivalent training and experience. 2+ years supervisory experience in the information technology field and the ability to direct technical work teams, especially in incident response scenarios. 5+ years experience in information security.

Heavy experience conducting formalized detection, analysis, investigations, and incident response to new and emerging security threats. Hands-on experience with SIEMs and SOAR tooling.

Experience building out operational playbooks for triage and response.:

Deep knowledge of MITRE ATT&CK and cyber kill chain model.

Experience developing and publish security operational metrics/dashboards and provide input to departmental KPI's and performance goals.:

Familiarity with AI-driven security tooling accelerating threat hunting, forensic investigations, automated containment efforts, etc.

Skills in resource management, project prioritization, problem-solving, issue management and negotiation, and mediation.:

Knowledge of business principles from multiple disciplines and ability to apply those principles. Ability to manage customer and vendor relationships.

• Builds capacity of individuals and teams through effective employee development, involvement, communication, and supervision efforts.
• Creates a strong, mutually supportive work spirit and culture where people can do their best.
• Establishes trust and inspires others.

Makes effective organization and people decisions in a manner consistent with REI's values and ethics.

• Delivers on commitments and holds others to same.

Champions the organization and advocates solutions in the overall Company's best interests. Uses business knowledge, innovative thinking, and sound judgment in the solution of problems or the pursuit of business opportunities. Consolidates information from various sources including feedback from others to reach sound decisions.

Preferred Qualifications:

Ability to negotiate contracts and agreements with vendors and service providers in the information technology business.

Experience developing team-level plans and contributing to annual budgets.:

Closing

At REI, we believe the outdoors is for all. We are committed to becoming a fully inclusive, anti-racist, multicultural organization. We know that there's strength in our diversity – that each employee brings unique skills, experiences, and perspectives. Every day you are driving change, fostering a culture of respect, and knowing you're backed by benefits that support your whole life. To work towards this commitment and fulfill our brand promise of inspiring and enabling a life outside for everyone, we seek employees who demonstrate different ways of working, create a sense of belonging, and actively listen and learn.

Pay Transparency We are committed to practices that promote pay equity and transparency. As required by applicable Pay Transparency laws, REI provides a range of compensation for roles that may be hired in locations under these requirements. Factors that may be used to determine your actual salary may include a wide array of factors, including: your specific skills and experience, geographic location or other relevant factors.

REI offers all regular employees a generous employee discount, access to health benefits, a retirement savings plan and accrued time off. Click here for a detailed overview of benefits plans by employee profile.

Pay Range

$144,000.00 - $244,800.00 per year