Job Information
Carhartt, Inc. CYBER SECURITY OPERATION SUPERVISOR in United States
Job Summary
The Cyber Security Operation Supervisor is to contribute to the fulfillment of the Carhartt mission and vision by ensuring confidentiality, availability and integrity of network or systems within Information Technology Services. The Cyber Security Operation Supervisor role is primarily responsible for leading the Security Operation Center (SOC) Security Admin(s), to ensure proper handling of security events, according to established policies and best practices. Job responsibilities would be to provide training to the Cyber Security Admin(s) and serve as an escalation point for Carhartt’s SOC. Function as the main liaison between the SOC and other inside teams. Develop reporting and metrics, designed to be shared with the security leadership team. Handle day-to-day security operations, maintaining high team morale. Conduct regular Cyber Security Admin evaluation sessions. Ensure security events are handled with SLAs incorporated into the process. This position will ensure compliance to cyber security policies, procedures, incident response procedures, investigations and industry best practices that relate to technical controls and systems. Evaluate and recommend new and emerging security products, technologies and in projects that enhance protection strategies for the organization. The position for the Cyber Security Operation Supervisor will help support the business and may be asked to conduct other responsibilities and tasks as needed.
Ways of the Carhartt Leader
We are all leaders at Carhartt. Some of us are asked to lead from day one, others one day. We are all given a seat at the table……
Lead Self:
Be Dependable: trusted to do the right thing and behave in a consistent manner.
Be resilient: learn from failure and work to meet or exceed goals.
Be authentic: always work to improve, seeking feedback proactively.
Lead Others:
Empower Others: inspire others to contribute to our success by seeking and building on ideas from others and supporting priorities together.
Grow Together: hold self and others accountable for results, and offer and embrace candid feedback.
Lead Business:
Create Value: demonstrate knowledge of Carhartt’s business and delivers on expected results.
Champion Change: believe in the power of innovation, and know we won’t preserve our heritage as the industry leader by doing things the same way.
Representative Responsibilities
Be a thought leader in security and operations delivery - driving automation, analytics, and advanced threat analysis. Lead and manage Security Operations Center. Primarily responsible for security event monitoring, management and response. Assist in the cyber security incident response plan, investigations and associated procedures. Provide administrative direction and support for daily operational activities.
· Lead 24x7 delivery team or on-call rotation, foster innovation, and drive accountability within SOC engineering. Identify and implement automated systems and procedures to reduce manual errors. Oversee technical delivery, assessing and continually improving output and ensuring processes are developed and adhered to in order to drive operational excellence.
Coordination with stakeholders, build and maintain positive working relationships with them. Collaborate and consult with other group leaders on the overall advancement of the emerging capabilities within the organization.
Responsible for team & vendor management, overall use of resources and initiation of corrective action where required for Security Operations Center.
Responsible for integration of standard and non-standard logs in SIEM. Ensure security log management is maintained and support expansion of log services.
Ensure incident identification, assessment, quantification, reporting, communication, mitigation and monitoring. Perform threat management, threat modeling, identify threat vectors and develop use cases for security monitoring.
Ensure compliance to SLA, process adherence and process improvisation to achieve operational objectives. Revise and develop processes to strengthen the current Security Operations Framework, Review policies and highlight the challenges in managing SLAs.
Support and maintain an inventory of assets, along with categorization that assist in risk assessment efforts.
Establish operational foundations, defining metrics, KRIs and KPIs to security performance of systems and process. Influence and improve existing processes through innovation and operational change. Creation of reports, dashboards, metrics for SOC operations and presentation to Security Leadership.
Recruitment, Development and mentor staff through open communication, training and development opportunities, and performance management processes with scheduling, evaluation and disciplinary actions; build and maintain employee morale and motivation. Develop and maintain an educational environment where the knowledge and performance of the group is constantly advancing.
Other duties as assigned.
Required Education
Bachelor’s Degree (B.A.) from four-year college or university Information Technology, Information Security/Assurance, Engineering or similar area of study; at least 6 years related experience and/or training; or equivalent combination of education, certification and experience preferred.
8 + years of hands on experience in the security monitoring and incident response
3 + years of management experience; ability to lead and manage operations
Required Skills & Experience
Must possess strong knowledge of information security management and practices.
Strong knowledge of applicable laws, regulations, guidelines and professional standards for systems security.
Strong project management skills, good communication skills, change management skills.
Demonstrate personal traits of a high level of motivation, team orientation, professionalism, trust, and place a high value on treating others with dignity and respect.
Proficient in Incident Management and Response
Experience in security device management and SIEM
Hands on experience with EPP/EDR, NefFlow, and vulnerability identification tools
Experience with cloud service providers.
Strong leadership skills; ability to structure unstructured problems and take command during an incident
In-depth knowledge of security concepts such as cyber-attacks and techniques, threat vectors, risk management, incident management etc.
Experience in threat management
Knowledge of various operating system flavors including but not limited to Windows, Linux, Unix
Knowledge of applications, databases, middleware to address security threats against the same.
Proficient in preparation of reports, dashboards and documentation
Excellent communication and leadership skills
Experience in performing vendor management
Ability to handle high pressure situations with key stakeholders
Good Analytical skills, Problem solving and Interpersonal skills
Physical Requirements and Working Conditions
Typical office environment; office setting. Extended periods of time sitting, standing, typing on a computer is required.
Willing to work some weekends if necessary.
National and International travel required (up to 20%).
Carhartt is a tobacco free workplace.