POSITION SUMMARY: PVH is seeking a Senior Manager, Incident Response and Security Operations to join its Global Information Security Group (ISG). This position will be a vital leader of the Threat Response team, leading the Cyber Security Incident Response Team (CSIRT) activities and capabilities development with the support of SOC analysts and incident responders globally using a wide variety of tools. As the CSIRT leader, the candidate will be responsible for maturing and maintaining a global program that aligns with leading industry standards, advice, and direction. This involves operating and continually improving existing CSIRT processes, as well as the development of new processes in response to evolving threats and business requirements.

QUALIFICATIONS & EXPERIENCE:
Experience: 8+ years of technical security experience with 5+ years of experience managing and leading a cyber incident response or security operations team with an enterprise organization.
Education: Bachelor's degree in related field or equivalent experience.
Certifications: SANS GCIH, GSOC, GSOM, GCIA, GPEN, GMON, GCDA, GDAT or certifications relating to security operations or incident response preferred.
Skills: Strong understanding of incident response processes, workflows, communications and reporting, escalations, and cross-department collaboration.

PRIMARY RESPONSIBILITIES/ACCOUNTABILITIES OF THE JOB:
Manage the PVH Global CSIRT Team and Threat Monitoring Program:
Oversee the continuous monitoring, identification, intake, triage, response, remediation, and resolution of security incidents while prioritizing incidents based on risk or exposure.
Responsible for a team of global SOC analysts who continuously perform monitoring and triage of collected information and alerts to determine what is actionable.
Ensure continual development of the full security incident management lifecycle, from incident analysis, coordination, and response to remediation and reporting, with planned tabletop exercises.
Overseeing the incident management process and team members involved in responding to and resolving the incident.
Responding to a reported service incident, identifying the cause, and initiating the incident management process.
Prioritizing incidents according to their urgency and influence on the business.
Producing documents that outline incident protocols such as how to handle cybersecurity threats.
Expand the usage of security monitoring tools to improve the security of the environment based on business use cases or changes in threat landscape, root causes from security incident response, or output from security analytics
Lead and improve security monitoring related functions
Perform deep forensic analysis to aid in finding threats/suspicious activities in the enterprise
Malware Reverse Engineering of new threats
Perform in-depth analysis in support of network monitoring and incident response operations
Expertise with tools and processes used in security incident detection and handling
Provide leadership and direction during major incidents as well as coordinating and facilitating all communications and escalations during the incident.
Maintain authoritative control of the incident response process while maintaining an overall incident perspective and ensuring the Incident Management processes are followed.
Produce clearly written post-incident reporting within agreed SLAs, assisting with After Action Reports (AAR) where required. Proactively monitor incident resolution, analyze, and highlight trends and root causes to Problem Management and/or relevant support teams.
Lead problem review sessions and coordinate critical problem resolutions to root cause, ensuring all incidents are logged and relevant parties are involved.
Deliver results and achieve SLA/KPI performance by focusing on effective cross functional team collaboration and execution.
Keep current with threat intelligence, vulnerabilities, attacks, and countermeasures and devote time to threat research and improving PVH's defensive posture.
Provide consultation on technical security topics to the various Information Technology groups within PVH.
Lead efforts to streamline security operations in key areas including incident response, automation, and orchestration.
Guide team members on development plans to ensure the continued growth of the SOC analysts' skills and capabilities.
PVH Corp. or its subsidiary ("PVH") is an equal opportunity employer and considers all applicants for employment on the basis of their individual capabilities and qualifications, consistent with applicable law and without regard to race, color, sex, gender identity or expression, age, religion, creed, national origin, citizenship status, sexual orientation, genetic information, physical or mental disability, military status or any other characteristic protected under federal, state or local law. In addition to complying with all applicable laws, PVH also has a strong corporate commitment to inclusion, diversity and to ensuring that all current and future PVH associates are compensated solely on job-related factors such as skill, ability, educational background, work quality, experience and potential. To achieve these goals, across the United States and its territories, PVH prohibits any PVH employee, agent or representative from requesting or otherwise considering any job applicant's current or prior wages, salary or other compensation information in connection with the hiring process. Accordingly, applicants are asked not to disclose this salary history information to PVH.