AVP, Threat Management & Intel

Job Description

Seasoned Threat Management and Intelligence Leader is being sought to bolster the global security operations and threat management function by implementing strategies to enhance current operations and build new capabilities such as insider threat in a complex environment ship and shore. Proven track record in identifying and mitigating cyber threats (external and insider), leading incident response teams, and implementing advanced security measures for detection, analysis, and response to threats. Adept at navigating the ever-evolving landscape of cyber threats to ensure comprehensive protection for organizational assets. Ready to drive proactive security initiatives in a challenging and complex environment through automation, AI and process enhancements.

Essential Functions:

• Strategic Leadership:
  • Develop and steer a comprehensive strategic roadmap for Threat Management, covering both IT and OT systems on ships and shore globally.
  • Lead the team in deploying advanced monitoring tools and analytics to detect anomalies and potential threats effectively.
  • Drive the implementation of automation technologies for streamlined threat detection, alerting, and remediation.
  • Foster collaboration with other cybersecurity domain teams, ensuring seamless integration of threat detection capabilities into the overall security framework.
• Security Strategy and Planning:
  • Refine and execute Threat Management strategies, proactively identifying and mitigating external and insider threats using innovative tools, automation, and AI.
  • Contribute significantly to the enhancement of cybersecurity policies, standards, and procedures, aligning them with evolving threats and industry best practices.
  • Create and manage the financial plan for the Threat Management function, ensuring optimal resource allocation and financial efficiency.
• Incident Response:
  • Oversee the incident response activities including forensics;
  • Conduct post-incident analysis and implement lessons learned.
  • Custodian of the Incident Response Plan and associated training such as Crisis Simulation and TTX
• Threat Intelligence Analysis:
  • Lead the interpretation of threat intelligence data to identify potential risks to our environment.
  • Stay updated on emerging threats and vulnerabilities
• Team Management: Lead and motivate cybersecurity SecOps Team, promoting collaboration, professional growth, and a positive work culture.
• Vulnerability Management:
  • Oversee vulnerability assessments, penetration tests, and remediation oversight efforts;
  • Collaborate with System owners and IT leaders to ensure vulnerability remediation.
• Collaboration and Communication: Collaborate with the other security domains and brands to share best practices and communicate the latest cyber threats and intelligence pertinent to the business. Lead the communication of security concepts and updates to business stakeholders and non-technical personnel to educate them on threat related topics
• Reporting: Provide reporting on Threat KPIs and Incidents, and drive to compliance of the SLAs
• Vendor management: Responsible for cultivating and maintaining strong relationships with external suppliers. This includes release of requirements for the domain, support in negotiations, ensuring vendor compliance with agreed-upon and maximizing the benefits of the contract.

Qualifications:

• Possess a Bachelor's degree or higher in the field of Engineering, Computer Science, Business Informatics, Information Technology, Information security or equivalent advance technology field of study
• Desired to have one of or more of the following certificates: CISSP (Certified Information Systems Security Professional), GCIH (GIAC Certified Incident Handler), CISM (Certified Information Security Manager), CCTIA (Certified Cyber Threat Intelligence Analyst)
• A minimum of 10 years of experience in global-scale cybersecurity operations and threat intelligence and 5-7 years of cybersecurity team leadership experience.
• Cybersecurity Incident Response; Threat Intelligence Analysis; Familiarity with SIEM and SOAR Management and architecture and other SOC tools such as EDR; strong familiarity with network security; forensics analysis; vulnerability management; familiarity with penetration testing and red team leadership and management; Malware Analysis;
• Team management and stakeholder management. Skilled at mentoring and motivating staff, communicating goals and other corporate initiatives, and driving to results
• Master's degree in degrees relevant to IT preferred
• Previously acted as senior member of information security team in large organization preferred.

Knowledge, Skills and Abilities:

• Extensive experience in threat intelligence analysis and interpretation; Proven track record of leading and managing security operations teams; Expertise in developing and implementing robust security strategies and protocols; In-depth knowledge of the latest cyber threats, attack vectors, and vulnerabilities; Hands-on experience with security technologies, tools, and solutions; Strong understanding of incident response procedures and crisis management; Ability to conduct risk assessments and develop mitigation strategies; Experience in collaborating with cross-functional teams and stakeholders; Familiarity with regulatory compliance and industry standards in cybersecurity; Excellent communication and leadership skills to effectively convey complex security concepts to diverse audiences.

Physical Demands: Must be able to remain in a stationary position at a desk and/or computer for extended periods of time.

Travel: Less than 25% non-shipboard travel likely

Work Conditions: Work primarily in a climate-controlled environment with minimal safety/health hazard potential.

The range for this role's base salary is $180,000 - $220,000. Offers to selected candidates will be made on a fair and equitable basis, taking into account specific job-related skills and experience.

At Carnival, your total rewards package is much more than your base salary. All non-sales roles participate in an annual cash bonus program, while sales roles have an incentive plan. Director and above roles may also be eligible to participate in Carnival's discretionary equity incentive plan. Plus, Carnival provides comprehensive and innovative benefits to meet your needs, including:

• Health Benefits:
  • Cost-effective medical, dental and vision plans
  • Employee Assistance Program and other mental health resources
  • Additional programs include company paid term life insurance and disability coverage
• Financial Benefits:
  • 401(k) plan that includes a company match
  • Employee Stock Purchase plan
• Paid Time Off
  • Holidays - All full-time and part-time with benefits employees receive days off for 7 company-wide holidays, plus an additional floating holiday to be taken at the employee's discretion.
  • Vacation Time - All full-time employees at the manager and below level start with 14 days/year; director and above level start with 19 days/year. Part-time with benefits employees receive time off based on the number of hours they work, with a minimum of 84 hours/year. All employees gain additional vacation time with further tenure.
  • Sick Time - All full-time employees receive 80 hours of sick time each year. Part-time with benefits employees receive time off based on the number of hours they work, with a minimum of 60 hours each year.
• Other Benefits
  • Complementary stand-by cruises, employee discounts on confirmed cruises, plus special rates for family and friends
  • Personal and professional learning and development resources including tuition reimbursement
  • On-site preschool program and wellness center at our Miami campus

#LI-SC1

About Us

In addition to other duties/functions, this position requires full commitment and support for promoting ethical and compliant culture. More specifically, this position requires integrity, honesty, and respectful treatment of others, as well as a willingness to speak up when they see misconduct or have concerns.

Carnival Corporation & plc is a global cruise company and one of the largest vacation companies in the world. Our portfolio of leading cruise brands includes Carnival Cruise Line, Holland America Line, Princess Cruises and Seabourn in North America; P&O Cruises, and Cunard Line in the United Kingdom; AIDA in Germany; Costa Cruises in Southern Europe; and P&O Cruises in Australia. Our employees have a responsibility to be accountable for all actions. We consider the environment in all aspects of our business and have a responsibility to put safety and sustainability first. We live and share a positive attitude which is based on fostering an environment of inclusion, trust, a willingness to listen, openness and integrity.

Carnival Corporation & plc and Carnival Cruise Line is an equal employment opportunity/affirmative action employer. In this regard, it does not discriminate against any qualified individual on the basis of sex, race, color, national origin, religion, sexual orientation, age, marital status, mental, physical or sensory disability or any other classification protected by applicable local, state, federal and/or international law.

Benefits as a member of Carnival's Team:

• A comprehensive benefit program which includes medical, dental and vision plans
• Additional programs include company paid term life insurance and disability coverage and a 401(k) plan that includes a company match
• Employee Stock Purchase plan
• Paid vacation and sick time
• Cruise benefits
• An on-site fully accredited preschool educational program located at our Doral campus
• An on-site Wellness Center and Health clinic at our Doral campus

To view a copy of Carnival's FMLA, EEO and EPPA posters please visit: (click or copy and paste link into your browser).

https://www.dol.gov/sites/dolgov/files/WHD/legacy/files/fmlaen.pdf

https://www.dol.gov/ofccp/regs/compliance/posters/pdf/eeopost.pdf

https://www.dol.gov/sites/dolgov/files/WHD/legacy/files/eppac.pdf

https://www.dol.gov/ofccp/regs/compliance/posters/pdf/OFCCP_EEO_Supplement_Final_JRF_QA_508c.pdf