Supervisor, Incident Response & Monitoring
Vienna, VA

Job Description

Employee Perks

Why You Will Love Being Part of the Navy Federal Team:

* Competitive compensation with opportunities for annual raises, promotions, and bonus potential
* Best-in-Class Benefits! (7% 401k match / Pension plan / Tuition reimbursement / Great insurance options)
* On-site amenities include fitness center, wellness center, cafeteria, etc. at Pensacola, FL; Vienna, VA and Winchester, VA campuses
* Consistently Awarded Top Workplace
* Nationally recognized training department by TRAINING Magazine
* An employee-focused, diverse, and service-oriented workplace environment

Basic Purpose

The Supervisor for Incident Response & Monitoring (IRM) provides operational oversight to the computer incident response and security monitoring function of the Navy Federal Cybersecurity Operations Center (CSOC). The Supervisor will work closely with the CSOC Leadership to help mature a constantly evolving computer network defense program. The Supervisor provides leadership, guidance, and procedural expertise on a day-to-day basis, and is responsible for ensuring staff is responsive and timely in analyzing and responding to critical events while performing 24/7/365 monitoring of NFCU's global information technology environment. The Supervisor will work closely with additional teams of information security analysts and engineers to protect Navy Federal's brand, data, and IT assets from cyber-based threats.


* Oversee the 24/7/365 shift operations for the computer incident response and security monitoring function of the Cyber Security Operations Center (CSOC), protecting both employees and a growing customer member base from cyber threats. Primary responsibilities include:
* Managing the day-to-day operations and ensuring continuity between staff across shifts and geographically separated locations.
* Defining and implementing operational metrics and reporting based on Key Performance Indicators (KPIs), including associated workflows related to security event monitoring and the response to cyber incidents.
* Defining and implementing process, procedures, and standards that are consistent with industry best practices.
* Ensure incidents and investigations are thoroughly documented for the purposes of facilitating record keeping, process improvement, lessons learned, trend analysis, and senior leadership reporting.
* Provide guidance in the development and maintenance of Standard Operating Procedures and similar documentation.
* Ensure staff at all levels consistently apply defined process and procedures to established standards.
* Escalating issues to management in a timely manner with appropriate information regarding risk and impact.
* Manage team personnel to include performance management and professional development, and provide leadership, guidance, and technical expertise on a day-to-day basis.
* Execute ad-hoc tasks or lead small projects as needed.


Candidates must possess:

* Several years of experience serving in a senior analyst or supervisory role within a large enterprise SOC or Information Technology (IT) operations center.
* Expert-level understanding and experience in the practical application of the Incident Response Lifecycle and associated best practices.
* An understanding of network and host-based forensic methodologies.
* Demonstrated knowledge of enterprise-grade security technologies and capabilities to include Security Information and Event Management (SIEM), log management and search, incident case management, intrusion detection/prevention systems, antivirus, full packet capture, data loss prevention (DLP), firewall, web proxy, and user/endpoint behavior analytics (UEBA).
* An understanding of the current threat landscape and adversary tactics, techniques, and procedures (TTPs).
* Demonstrated knowledge of information security programs and operations, and data security practices and procedures, including risk identification/assessment.
* Strong problem solving and critical thinking abilities.
* A strong desire for continuous process improvement and excellence.
* Excellent verbal and written communication skills to include the ability to convey technical details in a clear and understandable manner to both technical and non-technical audiences.
* Strong leadership qualities to include the ability to team-build, lead, mentor, and motivate others.
* The ability to foster teamwork and collaboration across operational teams.
* Strong planning and organizational skills.


* Knowledge of industry Standards and Frameworks including ISO, ITIL, COBIT, and NIST.
* Previous experience within the financial sector.
* Preferred Certifications - GIAC (e.g., GCIH, GCIA, GCFA, etc.), CEH, CISSP, or Security+.
* Experience with RSA SecOps and Splunk Enterprise Security (ES).


Monday-Friday, 8:00AM-4:30PM EST

Equal Employment Opportunity

Navy Federal values, celebrates, and enacts diversity in the workplace. Navy Federal takes affirmative action to employ and advance in employment qualified individuals with disabilities, disabled veterans, Armed Forces service medal veterans, recently separated veterans, and other protected veterans. EOE/AA/M/F/Veteran/Disability
