Director, Cybersecurity Operations & Threat Intelligence

This is a Full Time Job

World Wrestling Entertainment Inc. (WWE) with headquarters located in Stamford, Connecticut is seeking a Director of Cybersecurity Operations & Threat Intelligence. This is a supervisor position reporting directly to the Vice President of Information Security and is responsible for supporting and managing cybersecurity programs and daily activities of WWE's Security Operations Center/MSSP. He/she must have a strong technical and operational background and be process focused. He/she must have the ability to manage multiple priorities at the same time, quickly evaluate risks, and articulate security concerns in both a technical and business friendly manner.

The successful candidate must have a ''security first'' mindset, ensuring security related technologies and processes are maintained and kept up to date. Additional responsibilities include management over the detecting and analyzing of emerging threats, determining, and implementing countermeasures, and responding to observed security events and/or known security incidents.

Primary Responsibilities:
• Assist in the maturing of the organization's cybersecurity posture, by further establishing and delivering on key strategic initiatives.
• Recommends, configures, enhances, and maintains relevant security systems and tools based on areas of responsibilities and current threat landscape.
• Manages and contains information security incidents and events to protect critical assets, intellectual property, related data, and the company's reputation.
• Implements and manages security focused programs to ensure the organization is prepared to protect, detect, respond, and recover from a cyber-attack.
• Establishes new or matures existing cybersecurity policies and procedures.
• Supports the maturing of the organization's cybersecurity detection capabilities and key information security programs (i.e., Vulnerability Management), and technologies (i.e., SIEM, Endpoint Protection, Intrusion Detection).
• Monitors and responds to security alerts, notifications, and critical issues.
• Maintains WWE's Incident Response Plan (IRP), event and management runbooks.
• Conduct detailed, written security reviews for vendors, projects, and technologies with the appropriate stakeholders.
• Provides management oversight continuous development of WWE's vulnerability management program.
• Actively streamline and simplify workflows and processes; Use automation and orchestration for improved efficiencies where possible.
• Partners with WWE's managed services as it relates to emerging threat intelligence.
• Provides mentorship, advice, and skill enhancement to team members.
• Aligns closely with the Cybersecurity Engineering team.
• Liaise with other technical and business teams regarding secure architecture, management, and monitoring events to ensure threat indicators are rated by severity and responded to in a manner consistent with the threat.
• Develops and maintains Key Performance Indicators (KPIs) and metrics, providing weekly and monthly reports to senior management.
• Actively participate in external security assessments and audits.

Qualifications:

• 4-year degree in computer science or related combined work/education experience.
• Minimum 7-10 years relevant work experience in the field of cybersecurity.
• Certified Information Systems Security Professional (CISSP) preferred.
• Experience managing an organization's Security Operations Center (SOC) and/or experience and oversight of a Managed Security Service Provider (MSSP).
• Experience in event analysis, using log sources and packet capture technologies and techniques.
• Strong hands-on experience in related cybersecurity technologies and tools. Including but not limited to Next Generation Firewalls (NGFW), Web Application Firewalls (WAP), Unified Threat Management (UTM), Security Information and Event Management (SIEM), Network Access Control (NAC), Endpoint Detect and Response (EDR), security appliances, software, and vendor specific utilities.
• Experience in security related programs. Including but not limited to vulnerability and patch management, application security, IoT security, and mobile security.
• Knowledge of or hands on experience in secure configuration management and system hardening.
• Experience in computer forensics and cyber incident investigations a plus.
• Strong knowledge of TCP/IP, DNS, NAT, and the OSI Model.
• Experience with NIST Controls, the NIST Cyber Security Framework (CSF) and ISO/IEC 27000 series frameworks.
• Knowledge of or experience in deployment of the Center of Internet Security (CSC) Critical Security Controls (CSC) top 18
• Ability to analyze complex information and identify key and relevant points, including communicating in a relevant and easy to understand manner.
• Strong operational and process background.
• Strong verbal and written communication skills.
• Strong attention to detail, well-organized, and able to manage time efficiently.
• Team player with ability to deal effectively with individuals at all levels.

_

WWE is an Equal Opportunity Affirmative Action employer and is subject to federal regulations pertaining to employment. WWE does not unlawfully discriminate on the basis of race, color, religion, sex, sexual orientation, gender identity or expression, national origin, age, disability, marital status, veteran status, or any other basis prohibited under federal, state or local laws governing non-discrimination in employment in every location in which the Company has facilities. WWE also provides reasonable accommodation for qualified individuals with disabilities in accordance with the Americans with Disabilities Act (ADA) and any other state or local laws. For information about Privacy and Information Security for WWE employment candidates, please review our Candidate Privacy Policy. For information regarding Terms and Conditions for this and other WWE websites, please review our Terms and Conditions of Use.