| Company | The Hershey Company |
|---|---|
| Location | Hershey, PA |
| Preferred GIAC Certifications | GSEC, GCIH, GCIA, GCCC, CISM |
| Travel | 10% |
| Salary | Not provided |
| URL | https://careers.thehersheycompany.com/us/en/job/HERSA005H9708/Director-Security-Operations |
| Contact Name | Jeremiah |
| Contact Email | jhainly/at/hersheys.com |
| Expires | 2021-01-26 |
Job Description
Hershey, PA preferred. Remote work available for the right candidate.
Major Duties/Responsibilities:
The Director of Security Operations is responsible for building a best in class program to protect The Hershey Company from security incidents and deliver an enterprise program to detect and respond to security events. This position will be responsible for developing and executing the organizations protection strategy, developing the standards for system monitoring and ensuring Hershey maintains a robust response and recovery capability. This role will also be responsible for managing and developing talent and the associated talent strategies. This person will also be part of the Security Leadership team and will be involved in helping to lead and mature the security program.
Primary Responsibilities:
- Building and maintaining systems that allow us to operate securely at scale by protecting our critical assets and information and collecting, analyzing and alerting on anomalous activity
- Develop and maintain a threat intelligence capability to identify and classify adversaries, campaigns and techniques and drive meaningful program strategies to address risk
- Monitoring for suspicious activity, investigating, and responding appropriately
- Identification of security weaknesses and ensuring reasonable resolution timelines
- Bring a solutions-oriented approach and support your teams in doing the same
- Think strategically about security improvements, develop appropriate roadmaps and oversee delivery and execution
- Build relationships with other teams to influence positive security change
- Grow diverse teams and ensure the personal development of your team members
- Support and empower ownership within the teams of the full lifecycle, quality, and provability of our security controls from creation to operation
- Drive innovation and efficiencies across our security stack
- Mature and maintain our ability to appropriate respond and recover from security incidents and regularly evaluate our environment, capabilities, and processes through table-top and real-world testing
- Provide situational awareness of our security posture in business terms and context
- Establish IT/OT integration of Security Operations program capabilities
Summary of major duties:
- Development and execution of program strategy and key initiatives
- Establishing alignment across the enterprise to drive improvements to information security posture
- Manage team resources and develop talent to meet current and future needs of the organization
- Manage and maintain organizational readiness to respond and recovery from security incidents
- Establish and govern key KRI, KPI and SLAs of the security operations program
Education:
- BS in Computer Science, Information Security or related field OR equivalent work experience (6 years of experience). One of the following security certifications: CISSP, Security+, GSEC, GCIH, GCIA, or CISM is preferred
Experience:
- 10+ years Information Security or Security Operations experience w/ 5 years of leadership experience
