COMPANY OVERVIEW
ThreatLocker® is a leader in endpoint protection technologies, providing enterprise-level cybersecurity tools to improve the security of servers and endpoints. The ThreatLocker® platform with Application Allowlisting, Ringfencing™, Storage Control, Elevation Control, Endpoint Network Control, Configuration Management, and Operational Alert solutions are leading the cybersecurity market toward a more secure approach of blocking the exploits of application vulnerabilities.
JOB SUMMARY
The Manager of Threat Intelligence will lead and manage the IR, Red Team, and Detection operations, ensuring the organization's cybersecurity posture is robust and resilient. This role involves coordinating with the Managed Detection and Response (MDR) team and the Security Operations Center (SOC) to detect, respond to, and mitigate security incidents. The ideal candidate will have a strong background in cybersecurity, incident response, and red teaming, with excellent leadership and communication skills.
KEY RESPONSIBILITIES
Incident Response Management:
- Lead the IR team in identifying, analyzing, and responding to cybersecurity incidents.
- Develop and maintain incident response plans, playbooks, and procedures.
- Coordinate with internal and external stakeholders during incident response activities.
- Conduct post-incident reviews and develop lessons learned to improve future responses.
Red Team Operations:
- Plan, execute, and manage red team exercises to identify vulnerabilities and test the effectiveness of security controls.
- Develop and maintain red team methodologies, tools, and techniques.
- Provide detailed reports and recommendations based on red team findings to enhance the organization's security posture.
Collaboration with MDR and SOC:
- Work closely with the MDR team to ensure timely detection and response to threats.
- Collaborate with the SOC to enhance monitoring, detection, and response capabilities.
- Share threat intelligence and incident data with MDR and SOC teams to improve overall security operations.
Customer Reporting and Meetings:
- Create detailed reports for customers on security incidents, red team findings, and overall cybersecurity posture.
- Conduct regular meetings with customers to discuss reports, address concerns, and provide recommendations for improving security.
Policy and Compliance:
- Ensure all IR and red team activities comply with relevant laws, regulations, and industry standards.
- Develop and enforce security policies, standards, and guidelines.
Training and Development:
- Provide training and mentorship to IR and red team members.
- Stay current with the latest cybersecurity trends, threats, and technologies.
- Promote a culture of continuous improvement and learning within the team.
QUALIFICATIONS
- Minimum of 5 years of experience in incident response, red teaming, or a related cybersecurity role.
- Strong knowledge of cybersecurity frameworks, such as NIST, MITRE ATT&CK, and ISO 27001.
- Experience with security tools and technologies, including SIEM, EDR, and vulnerability assessment tools.
- Excellent problem-solving, analytical, and communication skills.
- Relevant certifications such as CISSP, CISM, CEH, or GIAC are preferred.
PREFERRED SKILLS
- Leadership and team management skills.
- Ability to work under pressure and handle multiple priorities.
- Strong analytical and problem-solving abilities.
- Excellent written and verbal communication skills.
- Ability to collaborate effectively with cross-functional teams.
WORKING CONDITIONS
The duties described below are representative of those encountered while performing the essential functions of this position. If necessary, reasonable accommodation may be requested and will be evaluated for its relationship to the essential functions that must be performed.
- Job will generally be performed in an office environment but may require travel to visit company offices and/or property locations.
- While performing duties of this job, would occasionally require to stand, walk, sit, reach with hands and arms, climb or balance, stoop or kneel, talk and hear, and use fingers and hands to feel objects and tools.
- Must occasionally lift and/or move up to 25 pounds.
- Specific vision abilities required include close vision, distance vision, depth perceptions, and the ability to adjust focus.
What We Do
ThreatLocker is leading the cybersecurity market towards a more secure approach to blocking unknown application vulnerabilities. The ThreatLocker Control Suite combines Application Whitelisting, Ringfencing™, Storage Control, and Elevation Control solutions in ways that make security simple.
ThreatLocker’s powerful suite of security tools is designed so that everyone from businesses to government agencies to academic institutions can directly control exactly what applications run on their networks.
Since its founding in 2017, ThreatLocker has been recognized as one of the most efficient cyber security software. Headquartered in Maitland, Florida.