Threat Detection Lead, Security Operations (US Remote)

Company Description
Experian is a global data and technology company, powering opportunities for people and businesses around the world. We help to redefine lending practices, uncover and prevent fraud, simplify healthcare, create marketing solutions, and gain deeper insights into the automotive market, all using our unique combination of data, analytics and software. We also assist millions of people to realise their financial goals and help them save time and money.
We operate across a range of markets, from financial services to healthcare, automotive, agribusiness, insurance, and many more industry segments.
We invest in people and new advanced technologies to unlock the power of data. As a FTSE 100 Index company listed on the London Stock Exchange (EXPN), we have a team of 22,500 people across 32 countries. Our corporate headquarters are in Dublin, Ireland. Learn more at
Job Description
The Threat Detection Lead, Security Operations is an essential part of Experian’s Cyber Fusion Center (CFC). The first assessment on security incidents are conducted by Level 1 Analysts, and when necessary they will escalate the case to the Lead, who will then perform a more in-depth analysis and further evaluation of network security threat activities. The Lead also supports the development of new analytic methods and content, conducts impact analysis, and proposes remediation actions.
What you’ll be doing

Provide leadership to level 1 analysts, including feedback on quality of work, driving case quality

Collaborate with external teams for incident resolution and escalations, ensuring questions from Experian users are answered promptly

Support the strategic plans and projects that drive the overall Information Security goals

Track tactical issues in the execution of CFC responsibilities and report to management any issues that could affect the CFC

Provide recommendations for security tools resulting in increased security posture or fidelity rate efficiency

Author and maintain Standard Operating Procedures (SOPs) and training documentation to include improvements and evergreen process

Assist management with responding to audit questions by providing evidence of processes and procedures

Assist the Cyber Threat Intelligence (CTI) and content development teams on use case development by suggesting enhancements or new use cases to improve the security posture of Experian

Participate in proof-of-concept projects with the security engineering team to ensure the CFC is adequately represented

Respond and support the Tier 1 team; perform in-depth analysis on escalated events, provide severity rating, initiate the major incident response process as needed, and document actions taken. Explain the event’s history, status, and potential impact for further action following our cyber incident response plan

Coordinate with enterprise-wide cyber defense staff to validate security control alerts

Perform cyber defense trend analysis and reporting

Plan and recommend modifications or adjustments based on exercise results or system environment

Provide cybersecurity recommendations to leadership based on threats and vulnerabilities

Monitor the environment longitudinally for long-term pattern detection

Organize quarterly tabletop exercises with the team

Review, approve, and share new content information within SLAs

Maintain scheduling and shifts to ensure 24x7x365 coverage

Qualifications
What your background looks like

5+ years’ experience in threat detection or security operations and response roles

Demonstrate expert technical skills that are needed to defend the enterprise environment, such as:

In-depth packet analysis skills, core forensic familiarity, incident response skills, and data fusion skills based on multiple security data sources

Scripting and automation

System administration on Unix, Linux, or Windows

Network forensics, logging, and event management

Defensive network infrastructure (operations or engineering)

Vulnerability assessment and penetration testing concepts

Malware analysis concepts, techniques, and reverse engineering

In-depth knowledge of network and host security technologies and products (such as firewalls, network IDS, scanners)

Security monitoring technologies, such as SIEM, IPS/IDS, UEBA, DLP, among others

Demonstrated ability to work in a team environment and able to train and coach other team members

Excellent verbal and written communications skills and ability to produce security incident reports and briefings to both technical and non-technical audiences

Able to work on a 12×7 shift rotating schedule

Relevant technical and industry certifications are a plus, e.g. Comptia, GIAC certifications, CISSP, OSCP, or SIEM vendor-specific certifications

Perks

20 days of vacation accrued annually, five sick days, and two volunteer days (plus twelve paid holidays)

Great compensation package and comprehensive benefits package, with a bonus target of 15%

This role can be 100% remote long-term, or you can work out of one of our offices

People-focused culture where personal and professional growth is prioritized

Recognition and celebration of performance and achievements

Power to bring your whole self to work – where your differences and values will be respected and celebrated

Employee Resource Groups set up and run by employees, for employees. These networks build, celebrate, and further understanding of the diverse identity and experiences within Experian, in support of our commitment to diversity and inclusion

International network of peers; mentorship programs

Additional Information
Our uniqueness is that we celebrate yours. Experian’s culture and people are important differentiators. We take our people agenda very seriously and focus on what matters; DEI, work/life balance, development, authenticity, engagement, collaboration, wellness, reward & recognition, volunteering… the list goes on. Experian’s people first approach is award-winning; Great Place To Work™ in 24 countries, FORTUNE Best Companies to work and Glassdoor Best Places to Work (globally 4.4 Stars) to name a few. Check out Experian Life on social or our Careers Site to understand why.
Experian is proud to be an Equal Opportunity and Affirmative Action employer. Innovation is an important part of Experian’s DNA and practices, and our diverse workforce drives our success. Everyone can succeed at Experian and bring their whole self to work, irrespective of their gender, ethnicity, religion, colour, sexuality, physical ability or age. If you have a disability or special need that requires accommodation, please let us know at the earliest opportunity.

Experian