Job Details

Information Security's Offensive Security Operations and Cyber Threat Intelligence Manager.

Job Description

PRIMARY FUNCTION: 

The Enterprise Security Engineering Manager (ESEM) is responsible for protecting TJU against a variety of threats to systems, infrastructure, and applications. The ESEM will manage the Offensive Security and Cyber Threat Intelligence functions to improve the organization’s overall security posture. This role will be responsible for leading the organization’s threat intelligence and threat hunting, adversarial simulation, security control validation, penetration testing/read team operations, application security, and attack surface monitoring functions. The ESEM's will act as an interface between strategic and process-based activities and the work of the key technology-focused analysts, engineers, architects and administrators in the IT organization.

                                                             

ESSENTIAL FUNCTIONS:

• Develop, maintain and continually evolve the Offensive Security Operations and Cyber Threat Intelligence function using internal and vendor resources/services to protect, defend and react to cyber threats faced by the enterprise
• Manage a staff of information security professionals, hire and train new staff, conduct performance reviews, and provide leadership and coaching, including technical and personal development programs for team members.
• Improve and execute the Offensive Security and Cyber Threat Intelligence strategy, plan, and roadmap based on sound enterprise security practices
• Oversee the daily operations of the Offensive Security and Cyber Threat Intelligence programs.
• Lead all Offensive Security initiatives including internal and external penetration tests, adversarial simulations, and other related Red Team Operations.
• Assist and provide leadership as a member within the organization’s Cybersecurity Incident Response team
• Tracks developments and changes in the digital business and threat environments to ensure that they're adequately addressed in security strategy plans and architecture artifacts
• Interacts with co-workers, visitors, and other staff consistent with the iSCORE values of Jefferson.
• Researches, evaluates, designs, tests, recommends or plans the implementation of new or updated information security hardware or software, and analyze its impact on the existing environment; provide technical and managerial expertise for the administration of security tools.

OTHER FUNCTIONS AND COMPETENCIES:

• Stays current with all relevant IT security and compliance issues, technologies, and requirements.  Provides professional and technical training and direction for internal team members as well as external staff.
• Oversee the efficient collection, analysis, and dissemination of information on emerging cybersecurity threats
• Identify relevant cyber threats and provide information that enables cybersecurity teams to make informed and relevant decisions that strengthen the organization’s defensive posture
• A strong understanding and knowledge of adversarial tactics, techniques, and procedures, communication methods, and motivations.
• A strong understanding and knowledge of offensive security tactics, techniques, and procedures.
• Offensive Security experience in an complex enterprise environment.
• In-depth understanding of social, political, and criminal movements worldwide, their impact on cyber related threats
• Knowledge of common cyber threat groups, including criminal organizations & nation state actors, and operational tactics used by different threat actors
• Performs other duties as assigned.
• Implement application security/automated testing tools and integrate offensive security testing into DevSecOps pipelines.

EDUCATIONAL/TRAINING REQUIREMENTS:

Bachelor's or master's degree in computer science, information systems, cybersecurity, or a related field.

________________________________________________________________________

CERTIFICATES, LICENSES, AND REGISTRATION:

Professional certification (CISSP at a minimum) and related offensive security or cyber threat intelligence certifications such as OSCP, OSCE, GPEN, GXPN, GCTI, or other related certifications.

_________________________________________________________________________

EXPERIENCE REQUIREMENTS:

Five years experience with securing enterprise systems, evaluating and mitigating cyber security threats, designing/deploying operational solutions, and knowledge of enterprise security technologies and products.

Experience managing a technical team in information security operations or engineering.

Demonstrated expertise in Red Team and advanced penetration testing.

Demonstrated expertise in Cyber Threat Intelligence and Cyber Threat Hunting.

Knowledgeable in application security testing.

Hands-on experience with offensive security tools.

Work Shift

Weekend Day (United States of America)

Worker Sub Type

Regular

Employee Entity

Thomas Jefferson University

Primary Location Address

833 Chestnut Street, Philadelphia, Pennsylvania, United States of America

Nationally ranked, Jefferson, which is principally located in the greater Philadelphia region, Lehigh Valley and Northeastern Pennsylvania and southern New Jersey, is reimagining health care and higher education to create unparalleled value. Jefferson is more than 65,000 people strong, dedicated to providing the highest-quality, compassionate clinical care for patients; making our communities healthier and stronger; preparing tomorrow's professional leaders for 21st-century careers; and creating new knowledge through basic/programmatic, clinical and applied research. Thomas Jefferson University, home of Sidney Kimmel Medical College, Jefferson College of Nursing, and the Kanbar College of Design, Engineering and Commerce, dates back to 1824 and today comprises 10 colleges and three schools offering 200+ undergraduate and graduate programs to more than 8,300 students. Jefferson Health, nationally ranked as one of the top 15 not-for-profit health care systems in the country and the largest provider in the Philadelphia and Lehigh Valley areas, serves patients through millions of encounters each year at 32 hospitals campuses and more than 700 outpatient and urgent care locations throughout the region. Jefferson Health Plans is a not-for-profit managed health care organization providing a broad range of health coverage options in Pennsylvania and New Jersey for more than 35 years.    

Jefferson is committed to providing equal educa­tional and employment opportunities for all persons without regard to age, race, color, religion, creed, sexual orientation, gender, gender identity, marital status, pregnancy, national origin, ancestry, citizenship, military status, veteran status, handicap or disability or any other protected group or status. 

Benefits

Jefferson offers a comprehensive package of benefits for full-time and part-time colleagues, including medical (including prescription), supplemental insurance, dental, vision, life and AD&D insurance, short- and long-term disability, flexible spending accounts, retirement plans, tuition assistance, as well as voluntary benefits, which provide colleagues with access to group rates on insurance and discounts. Colleagues have access to tuition discounts at Thomas Jefferson University after one year of full time service or two years of part time service. All colleagues, including those who work less than part-time (including per diem colleagues, adjunct faculty, and Jeff Temps), have access to medical (including prescription) insurance.

For more benefits information, please click here