Director, Computer Network Defense (CND)
Devo, the cloud-native logging and security analytics company, empowers security and operations teams to maximize the value of all their data. Only the Devo platform delivers the powerful combination of real-time visibility, high-performance analytics, scalability, multitenancy, and low TCO crucial for monitoring and securing business operations as enterprises accelerate their shift to the cloud. Headquartered in Cambridge, Mass., Devo is backed by Insight Partners, Georgian, and Bessemer Venture Partners.
As the Director, Cyber Network Defense (CND) operation, you'll lead and perform specialized computer network defense duties, including infrastructure support, incident response, auditing, and managing. You'll also detect and protect against unauthorized activity in the cyberspace domain and use a variety of tools to analyze and respond to attacks.
Responsibilities:
- The CND Director shall have demonstrated capabilities to analyze highly complex cyber security and network issues, recommend plans of action for CND staff, and manage teams supporting resolution of these issues.
- Serve as the main point of contact for the Chief Information Security Officer, Information Systems Security Officer, Information Assurance Officer, and Governance, Risk and Compliance Officer, and Devo senior management.
- Develop, manage, and maintain the cyber incident response plan.
- Serve as senior Security Incident and Event Management Engineer (SIEM).
- Responsible for delivery of client specific SIEM management solutions.
- Serves as an escalation point for critical and complex Information Technology (IT) and Operational Technology (OT) internal and external to Devo, performs configuration and testing of products.
- Assists with developing and documenting work processes and trains other members of the team.
- Proactively maintain and develop all Linux OT infrastructure technology to maintain a 24x7x365 monitoring service.
- Proactively maintain and develop multiple operating systems IT infrastructure technology to maintain a 24x7x365 monitoring service.
- Act as a Subject Matter Expert in CND and be able to configure, manage, operate, and administrate the platform for managed SIEMs in the IT and OT environment.

Requirements:
- Bachelor of Science in Computer Science, Engineering, Information Technology, Cybersecurity or equivalent experience.
- SIEM Engineer: Tier III level manager and technician.
- Deep technical knowledge on multiple security technologies.
- Solid understanding of information security and networking, and extensive experience interacting with customers.
- In-depth knowledge of Linux (RedHat, Ubuntu, etc.), Windows, and other operating systems.
- Hands-on experience with MySQL and/or MariaDB.
- Familiarity with VMWare and SAN management and concepts.
- Expert in Shell, Perl, and/or Python scripting.
- Solid knowledge of protocols such as DNS, HTTP, LDAP, SMTP and SNMP.
- Additional Linux certifications (RHCT, RHCE and LPIC) will be considered an advantage.