Crawford Is Hiring IT Security Director For Global Operation Center.
Global Security Operations Center (GSOC) Manager
Summary of Role:
The Global Security Operations Center (GSOC) Manager will be responsible for building, staffing and operating a global security operations center of excellence that provides 24/7/365 security event monitoring of Crawford’s infrastructure worldwide.
The GSOC Manager provides technical oversight for security tool selection and implementation, develops and maintains processes and procedures used to manage security operations and incident response activities, provides briefings at various levels of management regarding ongoing security incidents, and provides executive-level updates regarding the status of GSOC implementation.
In addition, the GSOC Manager will be responsible for all administrative tasks related to managing a team of GSOC employees. This is a highly technical, hands-on leadership role with high visibility and significant responsibility.
* Leads the GSOC team, providing 24/7/365 security operations and monitoring for Crawford’s locations worldwide.
* Monitors, analyzes, and processes real-time threat information and bulletins from external sources, including federal, state, city, industry, and vendors.
* Leads the team that recognizes potential, successful, and unsuccessful intrusion attempts and compromises through reviews and analyses of relevant event detail and summary information.
* Conducts security log management and monitoring.
* Facilitates management of vulnerabilities identified within the network environment (vulnerability / patch management).
* Coordinates vulnerability detection, assessment and mitigation activities.
* Performs risk assessment and deployment of security patches.
* Quickly spots problematic trends and takes proactive steps to mitigate impact.
* Disseminates information and provides direction to IT staff around the globe on incidents, emerging risks, vulnerabilities, threat events and recommended actions to be taken.
* Creates, manages and maintains the cyber security incident response process, GSOC operating procedures and other similar documentation.
* Ensures the GSOC is trained to prepare for, respond to, and recover the organization for business disruptions and / or significant incidents.
* Develops comprehensive reporting for senior management, including maintaining and reporting security metrics.
* Approves cyber security architecture, preferred vendors, equipment and configurations to ensure the desired degree of diversity and defense-in-depth protective strategies are employed.
* Evaluates new or improved technologies on a regular basis for the purpose of replacing or upgrading existing GSOC tools.
* Interprets and prioritizes threats through use of security tools, such as SIEM
* Continuously monitors levels of service.
* Provides input to resource planning, cost estimation, budget development and cost controls.
* Hires and leads GSOC personnel including providing performance reviews, real-time feedback, and assisting in career planning and promotional opportunities.
* Upholds the Crawford Code of Conduct.
Desired Skills and Experience
Education: Bachelor’s degree in a technical engineering or IT related field.
Knowledge and Skills:
- Experience working in or building a SOC, experience with follow-the-sun coverage models and managing a team of individuals located in multiple countries around the globe.
- Familiarity with all facets of cyber security.
- Detailed working knowledge of a variety of security tools and software, including open source tools and tools used for SIEM, DLP, configuration management, anti-malware, password vaulting, patch deployment, encryption, vulnerability scanning, and others.
- Familiarity with commonly known security practices and security-related guidelines, regulations and frameworks, such as ISO 2700x series, NIST 800 series, PCI DSS, HIPAA.
- 8-10 years progressively responsible technology experience.
- 1-3 years leadership experience.
- Strong interpersonal, verbal, presentation and written communication skills.
- Strong analytical skills.
Establishes and maintain key relationships within ICT, Legal, Corporate Compliance and Business partners.
Expected to hold one or more security certifications relevant to the position, such as Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), Computer Security Incident Handler (CSIH), CISM (Certified Information Security Manager).
Networking certifications or background in systems and/or network administration desirable.
Must complete continuing education requirements as outlined by Crawford Educational Services
About this company
Based in Atlanta, Ga., Crawford & Company (www.crawfordandcompany.com) is the world's largest independent provider of claims management solutions to the risk management and insurance industry as well as self-insured entities, with an expansive global network serving clients in more than 70 countries. The Crawford System of Claims Solutions offers comprehensive, integrated claims services, business process outsourcing and consulting services for major product lines including property and casualty claims management, workers compensation claims and medical management, and legal settlement administration. The Company’s shares are traded on the NYSE under the symbols CRDA and CRDB.