Job Details
Cyber Threat Defense Leader at Chemours in Boise, Idaho, United States Job Description As we create a colorful, capable and cleaner world through chemistry, we invite you to join our team to harness the power of chemistry to shape markets, redefine industries and improve lives for billions of people around the world. HELP SHAPE THE FUTURE OF CHEMISTRY AND THE WORLD From the frontline to the back office, every Chemours employee is part of something bigger than themselves as together we work to create a better world through the power of our chemistry. Chemours is a $6.3 billion company with a portfolio of products and processes that enable technologies and products that people use every day in their lives. From cellular phones to lower emission vehicles, to 5G communications and clean energy from hydrogen, we're collaborating with customers to make these innovations more capable. Simply said, we use our chemistry to change lives, shape markets, and redefine industries-one improvement at a time. Chemours is seeking a Cyber Threat Defense Leader to join our growing Cyber Fusion Center team This position will report directly to the Head of Cyber Threat Defense & Prevention in our Wilmington, DE or Remote location. As the Cyber Threat Defense Lead, this role will serve as a technical leader of the Cyber Threat Defense function within the Cyber Fusion Center by helping to facilitate the transformation of our current Security Operations Center (SOC) and the Chemours Incident Response Team (CIRT). This leader must have significant expertise and experience in operating and optimizing technical security controls and incident / event monitoring technologies for both the Enterprise and Operational Technology (OT) environments and must have strong skills in managing and handling complex incidents and coordinating large numbers of participants through all phases of the NIST computer security incident handling process. The candidate must have strong skills in Microsoft O365, Data Loss Prevention (DLP), and operating system hardening, as well as experience with enterprise risk management and vendor relationship management. The responsibilities of the position include, but are not limited to, the following: + Lead Logging & monitoring, incident response, and continuous red team programs + Lead 247 SOC function by providing technical direction and organizing and negotiating the allocation of company and managed service resources in a matrix structure, across time zone and national boundaries in time of Cyber crisis and peacetime + Continuously improve by creating, measuring and updating Incident Response Runbooks and Playbooks + Contribute to planning, design, implementation, and updating or tuning of use cases in SIEM + Define and manage KRI and KPI metrics to track and drive continuous improvement, including providing regular updates and reports to leadership + Assist with information or Cyber security projects as needed The following is required for this role: + 5+ years of experience in an IT role, with at least 2 in any of the following disciplines + Incident Management/Response + Penetration Testing / Adversary Emulation + Cyber Threat Intelligence + Operational Technology (OT) Security + Proven experience in Microsoft O365, Data Loss Prevention (DLP), and operating system hardening, as well as experience with enterprise risk management and vendor relationship management + Working experience with detecting and analyzing incidents, and coordinating activities with other stakeholders for incident triage, eradicating threats, and incident recovery + Contribute to the integration of malware analysis, forensic investigation, and threat research into incident response and long-term understanding of threats + Understanding of basic pen testing and red-teaming concepts with working experience performing red team operations in an enterprise environment + Working experience with Operational Technology (OT) incident detection and response The following is preferred for this role: + Certifications with corresponding experience will be used as a differentiator: GCIH, CISSP, GSOM, OSCP, OSCE, OSEP, CRTP, CRTE, CARTP, PACES, CRTO, etc. + Strong understanding of the MITRE ATT&CK Framework + Comfortable with SIEM Tools and various query languages: Splunk, ELK, Sentinel (KQL), etc. + Ability to operationalize various forms of threat intelligence (to support various areas of the cyber fusion center) + Conduct technical analysis against impacted systems to determine impact, scope, and recovery from active and potential cyber incidents Benefits: Competitive Compensation Comprehensive Benefits Packages 401(k) Match Employee Stock Purchase Program Tuition Reimbursement Commuter Benefits Learning and Development Opportunities Strong Inclusion and Diversity Initiatives Company-paid Volunteer Days We're a different kind of chemistry company because we see our people as our biggest assets. Instead of focusing just on what our employees do each day, we look at how they do it-by taking a different approach to talent development, employee engagement, and culture. Our goal is to empower employees to be their best selves, at Chemours and in life. And we're proud to be Certified by Great Place to Work . Learn more about Chemours and our culture by visiting /careers. (Chemours is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, race, religion, color, gender, disability, national or ethnic origin, ancestry, marital status, family status, sexual orientation, gender identity or expression, or veteran status. Jurisdictions may have additional grounds for non-discrimination, and we comply with all applicable laws. Chemours is an E-Verify employer Candidates must be able to perform all duties listed with or without accommodation Immigration sponsorship (i.e., H1-B visa, F-1 visa (OPT), TN visa or any other non-immigrant status) is not currently available for this position At Chemours, you will find sustainability in our vision, our business and your future. If you want to work on the leading edge of your field and have a desire to make a difference, join Chemours and discover what it means when we say 'We Are Living Chemistry.' In our pursuit to be the greatest place to work, we know that a critical element to enhancing our employee experience is to assure we're operating with a solid foundation of trust. At Chemours, this means being transparent about how we pay our employees for the work that they do. Pay Range (in local currency): $105,280.00 - $164,500.00 Chemours Level: 26 Annual Bonus Target: 11% The pay range and incentives listed above is a general guideline based on the primary location of this job only and not a guarantee of total compensation. Factors considered in extending a compensation offer include (but are not limited to) responsibilities of the job, experience, knowledge, skills, and abilities, as well as internal equity, and alignment with market data. The incentive pay is dependent on business results and individual performance and subject to the terms and conditions of the specific plans. At Chemours, you will find sustainability in our vision, our business and your future. If you want to work on the leading edge of your field and have a desire to make a difference, join Chemours and discover what it means when we say 'We Are Living Chemistry.' A new company. A new purpose. A new commitment to customers and chemistry. We are Chemours. And even more exciting is how our employees are committed to be catalysts for better. The word 'ours' To view full details and how to apply, please login or create a Job Seeker account