BJ's Wholesale Club IT Security Threat Operations Manager Job in Westborough-Home Office, Massachusetts
Date: Jun 29, 2020
Westborough-Home Office, MA, US, 01581
Company: BJ's Wholesale Club, Inc.
BJ's Wholesale Club was the first retailer to introduce the warehouse club concept in the northeastern United States. Today, we’re a multibillion-dollar operation with more than 200 clubs in 17 states from Maine to Florida.
While our Members know us for helping them save up to 25% off grocery prices every day, our Team Members love us for providing a supportive and engaging workplace that’s committed to developing great talent.
If you’re a motivated and enthusiastic person who enjoys working collaboratively and is committed to providing great service for our Members, we want to hear from you. BJ’s offers a fast-paced, team environment with great training opportunities and competitive salary and benefits packages to help you succeed.
IT SECURITY THREAT OPERATIONS MANAGER
Under the direction of the CISO, this role’s primary function is to manage a team of SOC analysts and be responsible for threat monitoring for BJ’s Information Security department. This role is responsible for managing multiple threat tools and the SIEM, performing cyber security analysis of threat events, and monitoring and remediating threats.
Responsibilities include, but are not limited to:
Report SOC-related metrics and lead incident response teams; advise and coordinate with senior leadership during active incidents
Help with vulnerability management for critical applications
Define protocols and mature ‘playbooks’ of operational response to cyber threats
Provide teaching / mentoring to SOC Tier Analysts, including incident response functions
Annual penetration testing and maintenance of the PCI environment
Maintains records of security monitoring and incident response activities, utilizing case management and ticketing technologies
Recognizes potential, successful and unsuccessful intrusion attempts and compromises through reviews and analyses of relevant event detail and summary information
Communicates alerts to respective teams regarding intrusions and compromises to their network infrastructure, applications, and operating systems
Creates and maintains standard operating procedures and other similar documentation
Help build automation with Security Orchestration (SOAR) suite
SIEM and log management across on-prem, AWS and Azure environments.
Bachelor's (or foreign equivalent) degree in Computer Science or related field is required.
Proven thought leadership in the SOC and Incident Response space is essential for this role
Minimum of 7-10 years of experience in Information Technology, with a concentration on Information Security
3-5 years of managing and monitoring SOC analysts
Solid knowledge of security-related industry standards and frameworks, such as PCI DSS, ISO 27001/2, NIST, OWASP, SANS, COBIT, ITIL, COSO, FISMA
Desired certifications include: Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), Certified Secure Software Lifecycle Professional (CSSLP), Computer Hacking Forensic Investigator (CHFI), EnCase Certification
In-depth knowledge of information security practices, threat modelling, developing IR frameworks and strategies
Hands-on technologist who is ready to listen, delegate, learn and mentor
Strong communication, collaborative attitude and consensus building are a must
QRadar, Dell SecureWorks and Sumo Logic knowledge is desirable
CrowdStrike, Proofpoint, Netskope and Sophos knowledge is nice to have.
BJ's Wholesale Club is committed to a policy of equal employment opportunity for all qualified team members and applicants for employment without regard to race, religion, color, sex, sexual orientation, age, ancestry, national origin, physical and/or mental disability, genetic information, atypical cellular or blood trait, marital and/or familial status, pregnancy, gender identity and expression, military or veteran status, or any other characteristics protected by applicable law.