Director of Information Security Operations

First American

Job Description

Posted on: February 18, 2025

Summary and company overview

Who We Are

Join a team that puts its People First! Since 1889, First American (NYSE: FAF) has held an unwavering belief in its people. They are passionate about what they do, and we are equally passionate about fostering an environment where all feel welcome, supported, and empowered to be innovative and reach their full potential. Our inclusive, people-first culture has earned our company numerous accolades, including being named to the Fortune 100 Best Companies to Work For® list for nine consecutive years. We have also earned awards as a best place to work for women, diversity and LGBTQ+ employees, and have been included on more than 50 regional best places to work lists. First American will always strive to be a great place to work, for all. For more information, please visit www.careers.firstam.com.

What We Do

Spearhead all activities within the Security Operations Center (SOC), upholding the highest standard of security operations and ensuring the team's readiness to respond to emerging threats. Lead First American’s Global SOC, SIEM, SOAR and Security Incident Response functions including managing a department comprised of technical team members and managers from varied disciplines. Continuous improvements and automation are critical to success. This role will be hybrid 2-3 days per week onsite in Santa Ana, CA.

Responsibilities

  • As a leader, you will manage, support, and oversee the maturity of the SOC in improving incident response times, reducing false positives and other extraneous alerts and enhancing threat detection capabilities.
  • Drive innovation and provide leadership to the organization to ensure world-class system solutions and flawless execution.
  • Work with the global SOC/MSOC managers to ensure 24x7x365 global coverage for detection and response.
  • Continually monitor and evaluate security operations, investigative processes, automation, threat-hunting techniques, eDiscovery, legal holds, and forensic investigations and technologies.
  • Work with Security Engineering providing feedback on current capabilities.
  • Provide oversight to all security incidents, processes, and escalations to determine the root cause and extent of the incidents; be the escalation point and incident commander for severe security incidents.
  • Develop and manage operational playbooks, procedures, recommendations, and standards to ensure compliance with applicable security laws, regulations, and privacy legislation as appropriate.
  • Provide leadership and strategic direction in the ongoing development, implementation and administration of First American’s security programs and policies to ensure the integrity, confidentiality, and availability of information owned, controlled, or processed by the organization.
  • Direct a multidisciplinary team of incident responders, cyber defense analysts, and security consultants, fostering collaboration and innovation in tackling complex security incidents.
  • Oversee the development, implementation, and maintenance of our cyber defense strategy, policies, and tools, ensuring that our organization is protected against cyber threats.
  • Stay up-to-date with the latest cybersecurity trends, technologies, and threats to ensure that the organization's security measures remain effective.
  • Define and track key performance indicators (KPIs) for the cybersecurity team to measure their effectiveness and contributions to the organization's security goals.
  • Design, build and drive overall strategy, methodology, and roadmap for the processes, systems, tools, and technologies required to secure our data assets.
  • Authorizes projects, approves project designs and cost estimates. Reports projects’ status and critical issues to IT senior management.
  • Develops and administers department budget with input from work group managers.
  • Develops long-range plan for the department and is a key participant in strategic planning for the IT Operations function. Translates strategic goals and priorities into technical strategies and objectives for his/her department.
  • Writes and conducts performance reviews, provides ongoing performance feedback. Establishes salary budget and approves salary increases. Makes hiring decisions.
  • Frequently interfaces with executives inside and outside the company to make operational and project-related decisions, to resolve critical issues, to gather industry and competitive information and to foster a productive professional network.
  • Required to perform duties outside of normal work hours based on business needs.

Job Requirements

Required Qualifications:

  • BA/BS degree in Computer Information Systems, Computer Science or equivalent experience is required.
  • 10+ years of technical experience as a senior contributor
  • 8+ years of management experience in a similar technical and business environment
  • Experience with IT security, compliance, risk and privacy frameworks such as ISO 27001, NIST 800-53, HIPAA, GDPR, CCPA.
  • Technical working knowledge of security tools and concepts including IDS/IPS; SIEM; Web Proxy; Encryption; Patch management; Vulnerability Scanning & Remediation; Forensics; Penetration Testing; DLP; Email Gateways; Anti-spam Services; MDM; Privileged Account Management; Log Analytics; Two Factor Authentication; Single Sign On.
  • Extensive knowledge and experience managing a strong 24x7 SOC and Security Incident Response team.
  • Extensive knowledge of Security Event and Incident Management (SEIM) and Security Orchestration Automation and Response (SOAR) tools.
  • Demonstrated ability to establish and maintain metrics-based process improvement

Preferred Qualifications:

  • Preferred Certifications: CISSP (Certified Information Systems Security Professional), SSCP (Systems Security Certified Practitioner), CISA (Certified Information Systems Auditor), CISM (Certified Information Security Manager), CCNA, CCNP, MCSE
  • Excellent communication and interpersonal skills with a high degree of empathy and emotional intelligence, be self-motivated with the ability to manage and prioritize multiple deliverables to meet deadlines and demonstrate proven success delivering results individually and as part of a team in a fast-paced, demanding, growth environment.
  • Ability to nurture and support a strong operations culture - customer/service focus - excellent technology - high quality implementations - self-motivated innovation and problem-solving.
  • Has experience building security products and is well versed with the security landscape.
  • Ability to establish and maintain effective working relationships at the senior management level across functional groups and business units.
  • Ability to communicate function vision and establish aligned direction and goals for his/her department.

Additional commentary

Pay Range: $116,820.00 - $233,640 Annually. This hiring range is a reasonable estimate of the base pay range for this position at the time of posting. Pay is based on a number of factors which may include job-related knowledge, skills, experience, business requirements and geographic location.

** Note that the following statements only apply to candidates who will be working from an unincorporated area within Los Angeles County. **

First American will consider for employment all qualified applicants, including those with arrest or conviction records, in a manner consistent with the requirements of applicable state and local laws (e.g., the Los Angeles County Fair Chance Ordinance for Employers and the California Fair Chance Act). First American intends to conduct a review of an applicant’s criminal history in connection with a conditional offer. First American reasonably believes that a criminal history may have a direct, adverse and negative relationship with the following material job duties for this position potentially resulting in the withdrawal of the conditional offer of employment: handling of confidential, proprietary or trade secret information belonging to First American or its customers, administrating or facilitating financial transactions, and the ability to meet customer-imposed criminal history requirements.
