Manager of Threat Informed Defence Engineering (US Remote)

Company Description

Experian is the world’s leading global information services company. During life’s big moments – from buying a home or a car, to sending a child to college, to growing a business by connecting with new customers – we empower consumers and our clients to manage their data with confidence. We help individuals to take financial control and access financial services, businesses to make smarter decisions and thrive, lenders to lend more responsibly, and organizations to prevent identity fraud and crime.

We have 20,000 people operating across 44 countries and every day we’re investing in new technologies, talented people, and innovation to help all our clients maximize every opportunity.

Job Description

The Manager Threat Informed Defence Engineering will lead a dedicated global team of security engineers focused on Detection Assurance and Threat Modelling. This role involves programmatically testing existing and new cyber threat detection controls, creating and maintaining an engineering backlog of threat scenarios from structured threat intelligence, building dashboards highlighting coverage and effectiveness of detective controls, and threat modelling critical business applications to uncover additional detection opportunities. The ideal candidate will possess a deep understanding of cyber threats and the ability to translate this knowledge into effective defense mechanisms. 

Key Responsibilities: 

• Lead and develop a global team of security engineers dedicated to enhancing our detection capabilities and ensuring the effectiveness of our cyber threat defenses. 

• Work closely with the Cyber Threat Intelligence team to translate structured threat intelligence into prioritized threat scenarios, informing the engineering backlog and detection strategies.  

• Spearhead the development and maintenance of dashboards that measure the coverage and effectiveness of detective controls, providing real-time insights into our defensive posture.  

• Implement and oversee a rigorous Detection Assurance program, programmatically testing and validating the effectiveness of existing and new detection controls against these scenarios. 

• Create and maintain an engineering backlog of threat scenarios, ensuring continuous improvement and adaptation of our detection capabilities to the evolving threat landscape. 

• Conduct threat modelling exercises on critical business applications, identifying potential threat scenarios and developing strategies to bolster detection and defense mechanisms. 

• Work closely with cross-functional teams, including software development, operations, and IT, to integrate threat-informed defense principles into the broader security strategy. 

• Stay abreast of the latest cyber threats, trends, and technologies, ensuring our defense mechanisms are ahead of potential attackers. 

• Foster a culture of innovation, encouraging the team to explore new technologies, methodologies, and practices to enhance our threat detection and defense capabilities. 

• Develop and manage the TID team budget, allocating resources strategically to maximize impact and effectiveness. 

• Report on the team's progress, challenges, and achievements, providing insights and recommendations to senior management to inform strategic decision-making.

Qualifications

• Extensive Cybersecurity Experience: At least 10 years of experience in the cybersecurity field, with a minimum of 3 years in a leadership or managerial role overseeing security engineering teams. This experience should encompass a broad understanding of cyber threats, defense mechanisms, and the cybersecurity landscape. 
• Cyber Threat Intelligence and Threat Modeling: Demonstrated expertise in leveraging cyber threat intelligence to inform detection strategies and conduct threat modeling on critical business applications. The ability to prioritize an engineering backlog based on structured threat intelligence is crucial. 
• Dashboard Development for Detective Controls: Proven capability to develop and maintain dashboards that accurately measure the coverage and effectiveness of detective controls. This includes the ability to interpret data and present insights in a clear, actionable manner to both technical and non-technical stakeholders. 
• Detection Assurance Program Implementation: Experience in implementing comprehensive Detection Assurance programs that programmatically test the effectiveness of current and prospective detection controls against prioritized threat scenarios using tools such as AttackIQ Firedrill and Safebreach. 
• Technical Cybersecurity Skills: A strong technical background in cybersecurity technologies and methodologies, with a particular focus on threat intelligence, detection, response, and prevention. 
• Leadership and Team Development: Exceptional leadership skills, with a proven track record of developing and managing high-performing, global security engineering teams in a dynamic environment. 
• Analytical and Problem-solving Abilities: Excellent analytical, problem-solving, and decision-making skills, capable of translating complex threat data into actionable defense strategies. 
• Communication and Collaboration: Effective communication and collaboration skills, with experience working across functional teams and engaging with all levels of management to integrate security practices. 
• Knowledge of Cybersecurity Frameworks and Standards: Familiarity with common cybersecurity frameworks, standards, and best practices, including but not limited to NIST. 
• Relevant Cybersecurity Certifications: Possession of relevant cybersecurity certifications (e.g., CISSP, CISM, GIAC) is highly desirable, demonstrating a commitment to professional development and expertise in the field. 
• In-depth Knowledge of MITRE ATT&CK Framework: In-depth knowledge and experience in implementing the MITRE ATT&CK framework within security operations. This includes the ability to use the framework for threat modeling, detection strategy development, and enhancing overall security posture by understanding and mitigating tactics, techniques, and procedures (TTPs) used by adversaries. 
• Ability to lead content discussion around incident investigation efforts and around around system architecture and design, and effectively coordinate communications. 

Additional Information

All your information will be kept confidential according to EEO guidelines.

Experian is proud to be an Equal Opportunity and Affirmative Action employer. Our goal is to create a thriving, inclusive and diverse team where people love their work and love working together. We believe that diversity, equity and inclusion is essential to our purpose of creating a better tomorrow. We value the uniqueness of every individual and want you to bring your whole, authentic self to work. For us, this is The Power of YOU and and it reflects what we believe.  See our DEI work in action!

Please contact us at [email protected] to request the salary range of this position (please include the exact Job Title as it reads above in your email). In addition to a competitive base salary and variable pay opportunity, Experian offers a comprehensive benefits package including health, life and disability insurance, generous paid time off including 12 company paid holidays and parental and family care leave, an employee stock purchase plan and a 401(k) plan with a company match.

Experian Careers - Creating a better tomorrow together

Find out what its like to work for Experian by clicking here