Group Manager Information Security - Threat Detection

  • Competitive
  • New York, NY, USA
  • Permanent, Full time
  • BNY Mellon
  • 18 Apr 19

Group Manager Information Security - Threat Detection

Group Manager, Information Security->> Manages a medium to large-sized or multiple small teams responsible for organization data protection. Oversees CTS security architecture, security monitoring and auditing, incident reporting/response and forensics. Leads and oversees information security projects and resourcing. Liaises with business process owners to ensure ongoing alignment.

Responsible for the development and delivery of CTS security and/or COB standards to ensure information system security across the business. Directs the monitoring of the utilization and effectiveness of security resources. Develops and implements processes and methods for auditing and addressing non-compliance and information security and/or COB standards. Provides direction and guidance on reports and analyses and ensures recommendations are aligned with customer/business needs and capabilities.

Monitors budgets and schedules for projects conducted by teams and ensures they are completed in a timely manner. Recruits, directs, motivates and develops staff, maximizing their individual contribution, their professional growth and their ability to function effectively with their colleagues as a team. Manages one or more information security teams.

Contributes to the achievement of team objectives.

Position overview : As a managerof the Threat Detection team, you will be responsible for defining and tacklingcomplex cyber security problems from strategy to execution. You will need to assess the currentvisibility and detection in the organization against current adversary toolsand techniques. Gaps must be prioritizedand progress against those gaps tracked and managed. This role is responsible for developing andproposing new practices, techniques, and technologies to address threat. This role enables the threat intelligence andresponse teams to be successful, requiring strong collaboration and internalteam relationship building. In additionto strategic and tactical execution, you will need to build and maintain apipeline of talent to ensure the team is continually staffed with high qualitythreat detection engineers.

This is a challenging and rewarding positionthat provides an opportunity to set the direction of a team of threat detectionengineers to develop cutting edge techniques and technologies in pursuit of avital mission that protects people, sensitive information/intellectual propertyand the security posture of the bank.

Key responsibilities and deliverables:

  • Responsiblefor developing a roadmap for current and future work to prioritize improvementsin BNYM's visibility and detection, given current state and anticipated threatactor activity.

  • Lead ateam of high-performing security engineers developing solutions to aggressivelyclose visibility and detection gaps, delivering high quality detectionanalytics.

  • Leadproactive detection and recommend security hardening.

  • Engage inongoing research in security tools, techniques, and procedures, as well asadvance Threat Detection initiatives based on aggressive security principals,machine learning algorithms, and threat mitigation techniques.

  • Developand report on actionable metrics that help measure the effectiveness of theteam and provide direction for improvement.

  • Collaboratewith Threat detection team, Insider Threat team, Operations and otherstakeholders to develop innovative detection capabilities through automationand advanced analytical techniques.

  • Provide subject matter expertise to teams across the company, helping them make informed, risk-based decisions.

  • Train,coach, and supervise staff.

Buildand maintain a pipeline of technical talent.



  • Experiencein threat detection, forensics, incident response, threat intelligence or arelated field. Ideally, multiple yearsof experience actively detecting and responding to attacks.

  • Experiencerecruiting and leading technical teams, including performance management.

  • Master'sdegree preferred. Background in ComputerScience and business administration is ideal.

  • Any ofthe following certifications, equivalent training, or experience is a plus:

    • Host forensics: e.g. GCFA, GCFE, GCIH, EnCE

    • Malware Analysis: e.g. GREM

    • Network Forensics: e.g. GNFA

    • Penetration testing: e.g. GPEN, GWAPT, GXPN, OSCP

  • Demonstrablecompetency with InfoSec fundamentals including Lockheed Kill chain and MITREATT&CK-based analytics.

  • Detailedunderstanding and experience in attacker techniques and effective use of threatintelligence to rapidly build and deploy threat detection.

  • Fundamentalunderstanding of InfoSec threat sharing including IoCs, artifacts, and forensictechniques.

  • Pastexperience with threat detection platforms like Splunk is a plus.

  • Activelistening and collaborative skills with various audiences, including directteam members and executive stakeholders, in order to perform hunt and contentdevelopment.

Bachelor's degree in computer science or a related discipline, or equivalent work experience required, advanced degree preferred. 10+ years of experience in information security or related technology experience required, experience in the securities or financial services industry is a plus.

For over 230 years, the people of BNY Mellon have been at the forefront of finance, expanding the financial markets while supporting investors throughout the investment lifecycle. BNY Mellon can act as a single point of contact for clients looking to create, trade, hold, manage, service, distribute or restructure investments & safeguards nearly one-fifth of the world's financial assets. BNY Mellon remains one of the safest, most trusted and admired companies. Every day our employees make their mark by helping clients better manage and service their financial assets around the world. Whether providing financial services for institutions, corporations or individual investors, clients count on the people of BNY Mellon across time zones and in 35 countries and more than 100 markets. It's the collective ambition, innovative thinking and exceptionally focused client service paired with a commitment to doing what is right that continues to set us apart. Make your mark:

Client Technology Solutions provides our business partners with client-focused, technology-based solutions. These enhance their ability to be successful through world-class software solutions and leading-edge infrastructure. Client Technology Solutions provides employees with the tools and resources to enhance their professional qualifications and careers.

BNY Mellon is an Equal Employment Opportunity/Affirmative Action Employer.
Minorities/Females/Individuals With Disabilities/Protected Veterans.

Primary Location: United States-New York-New York
Internal Jobcode: 45287
Job: Information Technology
Organization: Information Security-HR11724
Requisition Number: 1904421