Syracuse, NY, USA
5 days ago
Director of Security Operations Detection and Response

At Equitable, our power is in our people.

We're individuals from different cultures and backgrounds. Those differences make us stronger as a team and a force for good in our communities. Here, you'll work with dynamic individuals, build your skills, and unleash new ways of working and thinking. Are you ready to join an organization that will help unlock your potential?

The Director of Security Operations Detection and Response will provide thought leadership, technical guidance, and strategic direction for all aspects of Security Operations Center and Incident Response/Cyber Crisis Management across the Equitable environment. The team is responsible for proactively analyzing threat actor campaigns and incident response cases relevant to the financial and insurance industry.

Primary Responsibilities include, but are not limited to:

- Lead and mature cybersecurity operations including monitoring, detection, response and recovery capabilities.
- Plan, direct, and manage day-to-day activities across the Security Operations Center (SOC).
- Drive and oversee implementation and improvement of new tools, capabilities, frameworks, and methodologies across all teams within the SOC and Incident Response teams.
- Lead and drive incident response and threat hunting activities; lead complex investigations, manage the cyber crisis team during security events and the creation of technical reports based on analytical findings.
- Develop, update and enforce standard operating procedures, runbooks, and playbooks for security event management and incident response.
- Accountable for the timeliness and efficiency of identification, isolation, mitigation, and reporting of critical incidents by the SOC.
- Maintain situational awareness of escalated events and alerts, tools status, vulnerability status, forensics and malware investigations, intelligence status, and all other SOC functions.
- Experience with digital forensics, including evidence collection, analysis and reporting while preserving legal and compliance standards.
- Collaborate cross-functionally with IT, compliance, legal, privacy and business units to align security practices with organizational goals.
- Create and report on security posture, KPIs, and technical metrics to executive leadership and stakeholders.
- Instill and reinforce industry best practices in the domains of incident response, cybersecurity analysis, knowledge management, and SOC operations.
- Familiarity with Cloud concepts and experience performing monitoring and responding to threats in Cloud environments.
- Promote and drive implementation of automation and process efficiencies.
- Lead and mentor a team of security analysts and incident responders; foster a culture of continuous improvement and innovation.

Location and In Office Schedule: This role can be located in the Syracuse, NY or Charlotte, NC office and will be working a hybrid schedule of being in office 2-3 days per week.

The base salary range for this position is $145,000-$175,000. Actual base salaries vary based on skills, experience, and geographical location. In addition to base pay, Equitable provides compensation to reward performance with base salary increases, spot bonuses, and short-term incentive compensation opportunities. Eligibility for these programs depends on level and functional area of responsibility.

For eligible employees, Equitable provides a full range of benefits. This includes medical, dental, vision, a 401(k) plan, and paid time off. For detailed descriptions of these benefits, please reference the link below.

Equitable Pay and Benefits: Equitable Total Rewards Program

Required Qualifications

- Bachelor’s degree and 8 years of relevant experience OR 10 Years of experience may be used in lieu of degree
- 4 years of supervising and/or managing teams
- 5 years of intrusion detection and/or incident handling experience
- Established knowledge in planning, directing, and managing Computer Incident Response Team (CIRT) and/or Security Operations Center (SOC) operations for a large and complex Enterprise
- Proven expertise in SOC platforms e.g., SOAR, SIEM, DLP etc. solutions
- Experience supervising and leading employees of various labor categories and technical skill levels in efforts similar in size and scope to a mature Security Operation
- Mature understanding of industry accepted standards for incident response actions and best practices related to SOC operations
- Demonstrated leadership, organizational, and written and verbal communication skills
- Proven analytical and troubleshooting skills

Preferred Qualifications

- Deep technical understanding of core current cybersecurity technologies as well as emerging capabilities
- Hands-on cybersecurity experience (Protect, Detect, Respond and Sustain) within a Computer Incident Response organization including prior experience performing large-scale incident response
- Demonstrated understanding of the life cycle of cybersecurity threats, attacks, attack vectors and methods of exploitation with an understanding of intrusion set tactics, techniques, and procedures (TTPs)
- Familiarity or experience in Intelligence Driven Defense, Cyber Kill Chain methodology, and/or MITRE ATT&CK framework
- Familiarity with identifying High Value Assets (HVAs)


Skills

Agile Methodologies: Knowledge of concept and principles of agile methodology; ability to apply appropriate agile approaches in the processes of software development and delivery.

Coaching Others: Knowledge of coaching and mentoring concepts and methods; ability to encourage, motivate, and guide individuals in learning and improving effectiveness.

Confidentiality: Knowledge of practices and policies governing disclosure of information about the organization, its business activities, and employees; ability to apply this knowledge appropriately to diverse situations.

Continuous Learning: Understanding of the rationale behind the necessity to continually learn and grow and the ability to seek performance feedback and identify approaches to improve own performance and that of others.

Industry Knowledge: Knowledge of the organization's industry group, trends, directions, major issues, regulatory considerations, and trendsetters; ability to apply industry knowledge appropriately to diverse situations.

Information Security Management: Knowledge of the processes, tools and techniques of information security management; ability to deploy and monitor information security systems, while detecting, controlling and preventing violations of IT security.

IT Governance: Knowledge of the accountability framework and processes used to encourage proper behavior in IT activities and operations; ability to implement IT systems and controls to meet business needs and requirements.

Results Orientation: Knowledge of the importance of meeting or exceeding established targets; ability to drive critical activities to completion.

Staff and Career Development: Knowledge of available internal and external learning resources and ability to address learning, training, and career development needs of individuals, teams or organization.


ABOUT EQUITABLE

At Equitable, we’re a team of over ten thousand strong, committed to helping our clients secure their financial well-being so that they can pursue long and fulfilling lives.

We turn challenges into opportunities by thinking, working, and leading differently – where everyone is a leader. We encourage every employee to leverage their unique talents to become a force for good at Equitable and in their local communities.

We are continuously investing in our people by offering growth, internal mobility, comprehensive compensation and benefits to support overall well-being, flexibility, and a culture of collaboration and teamwork.

We are looking for talented, dedicated, purposeful people who want to make an impact. Join Equitable and pursue a career with purpose.



Equitable is committed to providing equal employment opportunities to our employees, applicants and candidates based on individual qualifications, without regard to race, color, religion, gender, gender identity and expression, age, national origin, mental or physical disabilities, sexual orientation, veteran status, genetic information or any other class protected by federal, state and local laws.

NOTE: Equitable participates in the E-Verify program.

If reasonable accommodation is needed to participate in the job application or interview process or to perform the essential job functions of this position, please contact Human Resources at (212) 314-2211 or email us at TalentAcquisition@equitable.com.
