Job Information
Intuit Group Manager, Security and Risk Ops in San Diego, California
Overview
You will own and implement the strategy of the detection operations program as well as establish metrics that demonstrate continuous maturity towards target state objectives. The ideal candidate for the role should have a strong background in SIEM operations, incident response, high interpersonal and leadership skills, be highly analytical and data driven, and have strong verbal and written communication skills.
What you'll bring
Proven track record of building scalable organizations that have world class threat detection capabilities
Experience managing both in-house and out-sourced detection teams
Technical proficiency performing security investigations at scale; including endpoint, cloud, identity, network, and email threats
Practical experience with Detection & Response tools for network, endpoints, cloud, and identity as well as SOAR platforms
Hands-on experience with SIEM and Data Lake solutions (e.g., Splunk, Snowflake, S3)
Expertise with query languages (SQL, SPL, BigQuery)
Strong fundamentals of Linux, MacOS, and Windows operating system internals
Deep understanding of attacker techniques, tools and procedures
Understanding of cloud environments such as AWS, GCP, and/or Azure
Proficiency creating and managing operational metrics that increase team efficiency and quality
Experience working with security frameworks like MITRE ATT&CK or Lockheed Martin’s Cyber Kill Chain; ability to track and discuss an attack through the cyber killchain
Ability to manage effective relationships with organizational leaders, build a roadmap, and drive broad initiatives to completion
Enthusiastic about managing and mentoring individuals pursuing careers in security operations and incident response.
Preferred Skills
Admin or Architect level knowledge of a SIEM (Splunk, Azure Sentinel, QRadar, etc)
In-depth knowledge of security standard processes in large-scale environments
Ability to navigate hard conversations and disseminate information to team members.
Willingness and ability to accept responsibility and provide guidance to team members
Effective organizational and planning skills, with the ability to successfully guide projects through to completion
Experience with software development or security automation highly preferred
CISSP or CISM certification preferred
Hand on experience with AWS Cloud (AWS Solutions Architect level of knowledge)
Required Education / Experience
BA/BS degree or higher in Computer Science, Cybersecurity or equivalent work experience
5+ years’ industry experience in Incident Response or Security Operations activities
3+ years leadership experience in a SOC or similar role
How you will lead
Define detection operations strategy, roadmap, and objectives
Participate in Cyber Incident Response Team (CIRT) rotation that may involve non-traditional working hours
EOE AA M/F/Vet/Disability. Intuit will consider for employment qualified applicants with criminal histories in a manner consistent with requirements of local law.