Director of Information Security Operations (Hybrid) - First American Financial Corporation
Santa Ana, CA
About the Job
Who We Are
Join a team that puts its People First! Since 1889, First American (NYSE: FAF) has held an unwavering belief in its people. They are passionate about what they do, and we are equally passionate about fostering an environment where all feel welcome, supported, and empowered to be innovative and reach their full potential. Our inclusive, people-first culture has earned our company numerous accolades, including being named to the Fortune 100 Best Companies to Work For® list for nine consecutive years. We have also earned awards as a best place to work for women, diversity and LGBTQ+ employees, and have been included on more than 50 regional best places to work lists. First American will always strive to be a great place to work, for all. For more information, please visit www.careers.firstam.com.
What We Do
Spearhead all activities within the Security Operations Center (SOC), upholding the highest standard of security operations and ensuring the team's readiness to respond to emerging threats. Lead First American’s Global SOC, SIEM, SOAR and Security Incident Response functions, including managing a department comprised of technical team members and managers from varied disciplines. Continuous improvements and automation are critical to success.
This role will be hybrid 2-3 days per week onsite in Santa Ana, CA.
What You’ll Do
- As a leader, you will manage, support, and oversee the maturity of the SOC in improving incident response times, reducing false positives and other extraneous alerts and enhancing threat detection capabilities.
- Drive innovation and provide leadership to the organization to ensure world-class system solutions and flawless execution.
- Work with the global SOC/MSOC managers to ensure 24x7x365 global coverage for detection and response.
- Continually monitor and evaluate security operations, investigative processes, automation, threat-hunting techniques, eDiscovery, legal holds, and forensic investigations and technologies.
- Work with Security Engineering, providing feedback on current capabilities.
- Provide oversight to all security incidents, processes, and escalations to determine the root cause and extent of the incidents; be the escalation point and incident commander for severe security incidents.
- Develop and manage operational playbooks, procedures, recommendations, and standards to ensure compliance with applicable security laws, regulations, and privacy legislation as appropriate.
- Provide leadership and strategic direction in the ongoing development, implementation and administration of First American’s security programs and policies to ensure the integrity, confidentiality, and availability of information owned, controlled or processed by the organization.
- Direct a multidisciplinary team of incident responders, cyber defense analysts, and security consultants, fostering collaboration and innovation in tackling complex security incidents.
- Oversee the development, implementation, and maintenance of our cyber defense strategy, policies, and tools, ensuring that our organization is protected against cyber threats.
- Stay up-to-date with the latest cybersecurity trends, technologies, and threats to ensure that the organization's security measures remain effective.
- Define and track key performance indicators (KPIs) for the cybersecurity team to measure their effectiveness and contributions to the organization's security goals.
- Design, build and drive overall strategy, methodology, and roadmap for the processes, systems, tools, and technologies required to secure our data assets.
- Authorizes projects, approves project designs and cost estimates. Reports projects’ status and critical issues to IT senior management.
- Develops and administers department budget with input from work group managers.
- Develops long-range plan for the department and is a key participant in strategic planning for the IT Operations function. Translates strategic goals and priorities into technical strategies and objectives for his/her department.
- Writes and conducts performance reviews, provides ongoing performance feedback. Establishes salary budget and approves salary increases. Makes hiring decisions.
- Frequently interfaces with executives inside and outside the company to make operational and project-related decisions, to resolve critical issues, to gather industry and competitive information and to foster a productive professional network.
- Required to perform duties outside of normal work hours based on business needs.
What You’ll Bring:
- BA/BS degree in Computer Information Systems, Computer Science or equivalent experience is required.
- 10+ years of technical experience as a senior contributor
- 8+ years of management experience in a similar technical and business environment
- Preferred Certifications: CISSP (Certified Information Systems Security Professional), SSCP (Systems Security Certified Practitioner), CISA (Certified Information Systems Auditor), CISM (Certified Information Security Manager), CCNA, CCNP, MCSE
- Experience with IT security, compliance, risk and privacy frameworks such as ISO 27001, NIST 800-53, HIPAA, GDPR, CCPA.
- Technical working knowledge of security tools and concepts including IDS/IPS; SIEM; Web Proxy; Encryption; Patch management; Vulnerability Scanning & Remediation; Forensics; Penetration Testing; DLP; Email Gateways; Anti-spam Services; MDM; Privileged Account Management; Log Analytics; Two Factor Authentication; Single Sign On.
- Excellent communication and interpersonal skills with a high degree of empathy and emotional intelligence; self-motivated, with the ability to manage and prioritize multiple deliverables to meet deadlines, and proven success delivering results individually and as part of a team in a fast-paced, demanding, growth environment.
- Extensive knowledge and experience managing a strong 24x7 SOC and Security Incident Response team.
- Extensive knowledge of Security Information and Event Management (SIEM) and Security Orchestration, Automation and Response (SOAR) tools.
- Ability to nurture and support a strong operations culture: customer/service focus, excellent technology, high-quality implementations, self-motivated innovation and problem-solving.
- Has experience building security products and is well versed with the security landscape.
- Demonstrated ability to establish and maintain metrics-based process improvement.
- Ability to establish and maintain effective working relationships at the senior management level across functional groups and business units.
- Ability to communicate function vision and establish aligned direction and goals for his/her department.
Pay Range: $116,820.00 - $233,640 Annually
This hiring range is a reasonable estimate of the base pay range for this position at the time of posting. Pay is based on a number of factors which may include job-related knowledge, skills, experience, business requirements and geographic location.
What We Offer
By choice, we don’t simply accept individuality – we embrace it, we support it, and we thrive on it! Our People First Culture celebrates diversity, equity and inclusion not simply because it’s the right thing to do, but also because it’s the key to our success. We are proud to foster an authentic and inclusive workplace For All. You are free and encouraged to bring your entire, unique self to work. First American is an equal opportunity employer in every sense of the term.
Based on eligibility, First American offers a comprehensive benefits package including medical, dental, vision, 401k, PTO/paid sick leave and other great benefits like an employee stock purchase plan.