Lead, Cyber Security Operations Center

Company: VF Corporation
Location: Greensboro
Posted on: April 8, 2021

Job Description:

Here at VF we are taking a "people first" approach to the COVID-19 outbreak, focusing on protecting the safety, health and well-being of our associates. By following The World Health Organization's guidelines, we're in the process of thoughtfully reopening our stores and corporate offices. Our business remains strong and we are slowly increasing our recruiting efforts. We currently have a highly select group of openings that are posted here. We're planning on getting back to business as normal as soon as we feel it is safe to resume operations. Be sure to check back soon for new career postings! Please take care of yourself and your family. Security Operations Center (SOC) Lead: Become the Newest Member of the VF Family --As technology continues to advance so does the threat landscape. Attackers are now using more sophisticated tactics to evade security controls. As a result, VF must also continue to advance its capabilities in threat detection and monitoring systems. The Cyber Security Operations Lead is responsible for ensuring that the Security Operations team is providing proper monitoring, analysis, response, and escalation of security incidents and events. The Security Operations Center is first line of detection and defense which actively monitors the SIEM, reviews log and event data, and works tickets associated with said data. Providing research using internal and open source tools, resolving and escalating incidents using established policies and procedures. How You Will Make a Difference:

• Ensure proper monitoring--and--analysis of--logs, alerts, and external data sources to determine any security and/or operational impact to the organization.--
• Acts as a liaison between the Security Operations Analysts (Tier I and Tier II) and the SOC and IR Management team.--
• Reviews--research--performed by SOC Analysts related to--security events and threat intelligence data--to ensure accuracy--and--thoroughness.--Performing proactive threat research and validation for security event data generated from monitoring tools--and/or manual analysis.
• Reviews all IR tickets to ensure accuracy and completeness.
• Creates metrics based on the offenses handled and work performed by the Security Operations. Maintains Security Operations metrics dashboards.--
• Creation of Reference Sets within the SIEM tool to assist Tier 1/2--SOC Analysts with threat research.--
• Provide leadership and guidance to advance the defense capabilities of the SOC teams.--
• Trains all new SOC Tier I and SOC Tier II Analysts in the usage or all security tools and the execution of all SOC procedures.--
• Provide mentorship to junior members of the team as necessary and leading by example.--
• Acts as an escalation point for the Tier II--SOC Analysts.--Resolves--or escalates--any issues regarding Security Tools and the execution of procedures.
• Resolves or escalates cyber security incidents and events and escalates to the Incident Response team as needed per established guidelines.--
• Assists with the containment of threats and remediation of the environment during--or following--an incident.--
• Evaluates unwarranted changes within the environment as--part of--monitoring--rules within--the SIEM tool.--
• Creates--and executes--SOC compliance reports as necessary for risk and compliance teams.--
• Assists in the tuning of all Security Operations Security Tools--
• Ensures that critical infrastructure is reporting into the SIEM--and reports any systems that aren't reporting to the appropriate team/s.--
• Performs documentation of event analysis and records this data within our Incident Tracking tool. Ensuring all relevant data is captured within each incident.--
• Assists with--the--triage of service requests from internal teams within the organization through our incident ticketing system.--
• Enhances detections, alerts, and other cyber event correlation rules within the SIEM--and other Security tools--to reduce false positives.--
• Approves various block requests originated by the Tier I SOC Analysts.--
• Manages--the SOC documentation repository--by providing oversight--of the annual SOC Documentation review--process.
• Represent the Security Operations team in various SOC, Incident Response, and Cyber Security projects.-- Years of Related Professional Experience: 5+ years Educational/ Position Requirements: Position Requirements:
  • Experience executing security incident handling processes and procedures.
  • Working knowledge of Networking fundamentals including but not limited to; The OSI Model, TCP/IP, DNS, HTTP, SMTP), System Administration and/or Architecture.
  • Proficient understanding of various Operating Systems and their architectures: Windows, Unix/Linux and OSx.
  • Previous experience operating and tuning SIEM tools, IBM QRadar experience preferred.
  • Strong communication skills with the ability to work in a highly collaborative environment across many different disciplines.
  • Strong relationship skills and collaborative style to enable success across multiple business partners with a focus on building partnerships.
  • Excellent analytical and problem-solving skills.
  • Scripting capabilities in bash, python, ruby considered a plus. Educational Requirements:
    • A bachelor's degree in computer science, information systems or other related field (preferred); or equivalent work experience.
    • Professional security management certifications such as; Global Information Assurance Certification (GIAC) certifications such as GCIA, GCIH, Certified Information Systems Security Professional (CISSP) or other similar credentials are a plus. Special Physical and/or Mental Requirements: VF Corporation outfits consumers around the world with its diverse portfolio of iconic lifestyle brands, including Vans--, The North Face--, Timberland--, and Dickies--. Founded in 1899, VF is one of the world's largest apparel, footwear and accessories companies with socially and environmentally responsible operations spanning numerous geographies, product categories and distribution channels. VF is committed to delivering innovative products to consumers and creating long-term value for its customers and shareholders. VF Diversity Vision Statement
      VF is committed to creating an inclusive environment that welcomes and values the differences among all of our associates, customers, suppliers and the communities in which we live and conduct business. The continued success and growth of VF is enhanced through initiatives that promote diversity throughout VF around the world. VF is an equal employment opportunity/ affirmative action employer of minorities, females, protected veterans and the disabled. VF is committed to providing equal opportunities in employment, and treating our VF associates and VF applicants without discrimination on the basis of their race, color, gender, age, national origin, religion, sexual orientation, gender identity or expression, marital status, citizenship, disability, protected veteran status, HIV/AIDS status, or any other legally protected factor.

Keywords: VF Corporation, Tuscaloosa , Lead, Cyber Security Operations Center, Other , Greensboro, Alabama