Senior Manager, Global Security Operations Center (GSOC) (SRO)
Austin, TexasJob ID R72779 Date posted May. 14, 2019
Senior Manager, Global Security Operations Center (GSOC)
Location: Austin, TX
Dell provides the technology that transforms the way we all work and live. But we are more than a technology company — we are a people company. We inspire, challenge and respect every one of our over 100,000 employees. We also provide them with unparalleled growth and development opportunities.
The Dell Security & Resiliency organization manages the security risk across all aspects of Dell’s business. We are currently experiencing incredible growth in order to meet the security needs of the world’s largest technology company. With team members located in over 15 countries, you will have an excellent opportunity to influence the security culture at Dell and further develop your career.
Dell Technologies is building state-of-the-art security programs to better protect our people, information, property and brand. This Senior Manager will lead and set the strategic vision for our 24/7 Global Security Operation Center. Responsibilities include providing day-to-day leadership of a Security & Resiliency Office (SRO) risk overwatch team and will also provide leadership for time sensitive, real-time situation awareness security risk response and remediation activities. This role will manage three core programs:
- Traditional security operation center functions focused on monitoring, alerting, initial triage, anomaly and alarm management response and the single intake (e.g., employee emergency communication channels) of and report collation of security incidents
- Emergency management and critical incident management focused on direct response plan activation support, coordination with the response team leaders from the major disciplines and risk owners, bi-directional communication leveraging technology for mass notification/emergency notification, and similar
- Risk, threat, and vulnerability (RTV) analysis with a strong focus on global, real-time situational awareness and risk assessment for our team members, customers and invitees; corporate security intelligence and information sharing aligned with the business’ needs and Dell Technologies value chain; and linkage to and fusion of the suite of SRO risk adaptation and mitigation services.
This opportunity will be responsible for jointly designing the GSOC fusion function concept, building a collaborative team, improving communication, and creating and employing a strategy that leverages the latest automated technological solutions and supports deep data analysis.
Principal Duties and Responsibilities:
- Partners with peer SRO organizations and key internal stakeholders to ensure that RTV monitoring, triage, escalation and intelligence products are aligned with the overall SRO strategy.
- Drives process implementation and improvement, manages short and long-term projects, maintains and enhances internal and external stakeholder relationships and directly supervises a team on 24-7 assigned shifts.
- Retools, leads, manages, and motivates a team in a dynamic, rapidly-evolving and cross-functional environment that is centered around the use of people, process and technology to ensure life-safety, security and resiliency.
- Ensures compliance with Dell Technologies and SRO requirements and expectations; monitors natural, manmade and technical disasters for their impact to team members, critical functions, facilities/location assets; and makes rapid notifications via mass communication tools to stakeholders.
- Manages a diverse internal customer (lines of business and strategically aligned businesses) portfolio and range of intelligence service requests, while upholding impeccable qualitative standards and consistently meet strict deadlines.
- Develops productive relationships with high-level domestic and international intelligence networks, and public-private sector association.
- Manages the performance of RTV assessments; determines deviations from acceptable indicators, triggers and tripwires; aids in the assessment of the level of risk; develops and/or recommends appropriate risk adaptation or mitigation countermeasures. Aids the risk owners in identifying and remediating risks in a timely manner.
- Manages the development of security career enhancing workforce plans, strategies, and guidance to enable the recruiting, development and retention of the best professionals possible. Creates training and education requirements to address changes to security policy, emerging threats, certification requirements and industry best practices through partnerships with universities, certification companies, state/federal/international partners and other innovative strategies that deliver relevant content. Provide coaching and mentoring to team members, recommend training as appropriate, and provide guidance and direction to staff related to career planning.
- Manages the creation of governance risk and compliance standards (policies, processes, work plans, templates) by which the GSOC program is managed and measured against. Develops and maintains these security plans, strategy, and policy to support and align with SRO initiatives and regulatory compliance. Ensures GSOC security program has a governance model based on proven practices.
- Advises SRO leadership on risk levels and security posture, and on the cost/benefit analysis of GSOC programs/projects, policies, processes, systems and elements. Ensures GSOC has a properly managed risk management framework.
- Manages the preparation and presentation of governance and compliance management reports, key performance metrics, scorecards, and briefings as required to SRO leadership. Works with leadership to use continuous monitoring scoring and grading metrics to make GSOC investment decisions to address persistent issues. Works with organization risk analyst to ensure risk metrics are defined that realistically support continuous monitoring. Ensures the enterprise has a GSOC scorecard that presents a clear view of the health of the organization, including but not limited to RTV exposures (categorized by lines of business and rolled up), operational defensive effectiveness (detection, response, remediation of RTVs), and similar.
- Manages the performance of evaluations of the GSOC program and its individual components to determine compliance. Tracks findings and reports on remediation progress. Supports policy compliance, governance and incident response programs. Prepares audit reports that identify technical and procedural findings and provides recommended remediation strategies/solutions. Coordinates external audit requirements. Ensures systems, processes and people comply with published policy and alerts personnel to potential risk areas.
- Manages, compiles and reviews budgets for the GSOC program using actual performance, previous budget figures, expense reports, and other data sources to control funds and provide for proper financial administration. Tracks contracting costs and needs, managing statement of work efforts. Ensures GSOC program manages costs effectively, projects future budget needs, improves services received and meets schedule demands for service delivery.
- Ability to direct teams located at multiple locations and able to track & manage simultaneous activities
- Ability to facilitate activities, tasks and deliverables of managed services providers
- Possesses strong written and verbal communication skills with both technical and non-technical audiences
- Bring calm from chaos, cool under pressure, objective and diplomatic
- Strong analytical skills
- Able to work collaboratively with minimal supervision as part of a multi-disciplinary team
- Understands when to escalate and can influence without direct authority
- Strong human relations skills to select, develop, mentor, discipline and reward employees
- Must be flexible in work schedule to allow for management of 24x7 team
- Bachelor’s degree with 12+ years relevant experience; or equivalent professional experience in a GSOC or similar role
- 8+ years of experience leading GSOC, fusion center, information sharing and analysis center, or similar
- Minimum 10+ years of experience in monitoring security events and critical security incident response handling
- Minimum 10+ years of experience with network-based security mitigation systems or tools
- Firm understanding of security controls and best practices to secure varying platforms
- Proven track record managing security focused teams
- Demonstrated experience in developing and implementing an operational security strategy in a large, complex, multinational and diverse environment with successful outcomes
- Proven analytical and problem-solving ability
- Comfortable interfacing with other internal or external organizations regarding incident response situations
We offer highly competitive salaries, bonus programs, world-class benefits, and unparalleled growth and development opportunities — all to create a compelling and rewarding work environment.
Dell is committed to the principle of equal employment opportunity for all employees and to providing employees with a work environment free of discrimination and harassment. All employment decisions at Dell are based on business needs, job requirements and individual qualifications, without regard to race, color, religion or belief, national, social or ethnic origin, sex (including pregnancy), age, physical, mental or sensory disability, HIV status, sexual orientation, gender identity and/or expression, marital, civil union or domestic partnership status, past or present military service, family medical history or genetic information, family or parental status, or any other status protected by the laws or regulations in the locations where we operate. Dell will not tolerate discrimination or harassment based on any of these characteristics. Learn more about Diversity and Inclusion at Dell here.