Job Description
Experian is the world’s leading global information services company, unlocking the power of data to create more opportunities for consumers, businesses and society. We are thrilled to share that FORTUNE has named Experian one of the 100 Best Companies to work for. In addition, for the last five years we’ve been named in the 100 “World’s Most Innovative Companies” by Forbes Magazine.
The Threat Detection Team Lead is an essential part of Experian’s Cyber Fusion Centre (CFC). The first assessment of security incidents is conducted by Level 1 Analysts, who escalate the case when necessary to the Threat Detection Team Lead, who then performs a more in-depth analysis and further triage of network security threat activities. The lead analyst also supports the development of new analytic methods and content, conducts impact analysis, and proposes remediation actions.
What you'll be doing
- Provide leadership to level 1 and 2 analysts, including feedback on quality of work, driving case quality
- Collaborate with external teams for incident resolution and escalations, ensuring questions and concerns from Experian users are answered in a timely manner
- Support strategic plans and projects driving and supporting overall Information Security goals and objectives
- Track tactical issues in execution of CFC responsibilities and report to management any issues that could impact the CFC
- Provide recommendations for security tools resulting in increased security posture or fidelity rate efficiency
- Author and maintain Standard Operating Procedures (SOPs) and training documentation to include improvements and evergreen process
- Assist management with responding to audit questions by providing evidence of processes and procedures
- Assist the Cyber Threat Intelligence (CTI) team on use case development by suggesting enhancements or new use cases to improve the overall security posture of Experian
- Participate in proof-of-concept projects with the security engineering team to ensure the CFC is adequately represented
- Respond to and support the Tier 1 team; perform in-depth analysis on escalated events, provide severity rating, initiate the major incident response process as needed and document actions taken. Articulate the event’s history, status, and potential impact for further action in accordance with the organization’s cyber incident response plan
- Coordinate with enterprise-wide cyber defense staff to validate security control alerts
- Perform cyber defense trend analysis and reporting
- Plan and recommend modifications or adjustments based on exercise results or system environment
- Provide cybersecurity recommendations to leadership based on significant threats and vulnerabilities
- Monitor environment longitudinally for long term pattern detection
- Organize quarterly tabletop exercises with team
- Review, approve and disseminate new content information within SLAs
- Maintain scheduling and shifts to ensure 24x7x365 coverage
What your background looks like
- 5+ years’ experience in Threat Detection Roles
- Demonstrates expert technical skills that are needed to defend the enterprise environment, such as:
  - In-depth packet analysis skills, core forensic familiarity, incident response skills, and data fusion skills based on multiple security data sources
  - Scripting and automation
  - System administration on Unix, Linux, or Windows
  - Network forensics, logging, and event management
  - Defensive network infrastructure (operations or engineering)
  - Vulnerability assessment and penetration testing concepts
  - Malware analysis concepts, techniques, and reverse engineering
  - In-depth knowledge of network and host security technologies and products (such as firewalls, network IDS, scanners) and continuously improve these skills
  - Security monitoring technologies, such as SIEM, IPS/IDS, UEBA, DLP, among others
- Demonstrated ability to work in a team environment, able to train and coach other team members
- Excellent verbal and written communications skills and ability to produce clear and thorough security incident reports and briefings to both technical and non-technical audiences
- Able to work on a 12x7 shift rotating schedule
- Relevant technical and industry certifications are a plus, e.g. CompTIA, GIAC certifications, CISSP, OSCP, SIEM vendor-specific certifications
Perks
- 20 days of vacation accrued annually, five sick days, and two volunteer days (plus twelve paid holidays)
- Competitive pay and comprehensive benefits package, with a bonus target of 15%
- This role can be 100% remote long-term or you can work out of one of our offices
- People-focused culture where personal and professional growth is prioritized
- Recognition and celebration of performance and achievements
- Power to bring your whole self to work – where your differences and values will be respected and celebrated
- Employee Resource Groups set up and run by employees, for employees. These networks build, celebrate, and further understanding of the diverse identity and experiences within Experian, in support of our commitment to diversity and inclusion
- International network of peers; mentorship programs
All your information will be kept confidential according to EEO guidelines.
Our compensation reflects the cost of labor across several U.S. geographic markets. The base pay range for this position is listed above. Within this range, individual pay is determined by work location and additional factors such as job-related skills, experience and education. This position is also eligible for a variable pay opportunity and a comprehensive benefits package which includes health, life and disability insurance, generous paid time off including paid parental and family care leave, an employee stock purchase plan and a 401(k) plan with a company match.
Experian is proud to be an Equal Opportunity and Affirmative Action employer. We’re passionate about unlocking the power of data to transform lives and create opportunities for consumers, businesses, and society. For more than 125 years, we’ve helped people and economies flourish – and we’re not done.
We take our people’s agenda very seriously. We focus on what truly matters: diversity and inclusion, work/life balance, flexible working, development, collaboration, wellness, reward & recognition, volunteering, making an impact... the list goes on. See our DEI work in action!
The power of YOU. We are building a culture where everyone is comfortable bringing their whole self to work. A place where we not only respect our differences and values but celebrate them in a positive and supportive environment.
Find out what it is like to work for Experian and discover the Unexpected!
Date Posted
04/13/2024