This job has expired, please see additional jobs below
Director, Incident Management
Pepperidge Farm Inc
Camden, NJ, United States
Job Details
Imagine…working for a company that knows that its people are the key to its success in the marketplace. A company in which achieving extraordinary results and having a stimulating work experience are part of the same process.
We cultivate and embrace a diverse employee population. We recognize that people with diverse backgrounds, experiences and perspectives fuel our growth and enrich our global culture.
We are looking for an individual who enjoys working in a fast-paced, team oriented environment, likes to be challenged, and values the opportunity to make a difference.
General Summary
This individual will lead the strategy and ongoing operations of the Incident Management Program. This includes identifying how the Company will implement and maintain the detection, response and recovery capabilities as it relates to cyber attacks both present and emerging. The individual will partner with key stakeholders across the global environment including office, manufacturing and cloud environments. The individual will oversee an internal staff as well as manage the services of a third party Security Operations Center provided by a Managed Service Provider (8 – 10 people) as well as other forensic contracts such as Verizon.
Principal Responsibilities:
50% – Strategy, Program Development and Management of IR/ Security Operations Team
• Develop the 2 – 3 year strategic blueprint for the incident management program including people, process and technology, leveraging lessons learned, threat modelling and industry frameworks. Ensure that the incident response program leverages industry standards such as NIST 800-61 and best practices.
• Define, develop and implement cyber specific policies, protocols, procedures and guidelines to ensure appropriate detection, escalation and response across all Campbell’s environments including office, manufacturing, cloud and managed service environments.
• Partner with key business leaders to ensure that the strategy is aligned with Company objectives including leverage of cloud services, digital transformation/consumer engagement
• Perform threat modelling exercises to assess the effectiveness of the controls and identify gaps in detection controls across the global environment, including internal office, manufacturing, cloud and software as a service environments
• Partner with Enterprise Architect and IT Leadership to identify technical controls and identify strategic vendors/partners.
• Ensure that root cause analysis is translated into preventative measures so as to mitigate risk of future breach.
• Partner with Chief Privacy Officer to determine controls needed to detect and respond to a privacy breach.
• Lead the investigation, remediation and restoration efforts of IT, Third party resources, Legal, Corporate Communication, H.R. and others including the CLT as needed during a security or privacy breach.
• Manage the incident management services provided by a contract with a third party Security Operations Center/MSSP. This is roughly 8 – 10 people who will monitor Campbell’s Security Event Management System on a 24 x 7 x 365 basis.
• Prepare annual budget based on value preservation and value creation
35% – Incident Management Leadership
• Maintain a responsive and effective security operation team of internal and external resources to identify, contain and resolve cybersecurity incidents to minimize business impact
• Lead the investigation, remediation and restoration efforts of a multi-disciplinary team including: IT, Third party resources, Legal, Corporate Communication, H.R. and others including the CLT as needed during a security or privacy breach.
• Escalate to the Crisis Management Team as appropriate and perform information security activities including oversight of third party forensics
• Partner with Legal and Chief Security Officer to determine when external notice to law enforcement and government agencies including regulatory authorities is required
• Testify in court if required regarding actions taken during breach including chain of custody, appropriateness of program etc.
• Ensure that activities meet industry standards for conducting security investigations including preserving chain of custody
• Ensure that there is an appropriate review of the incident and that lessons learned are incorporated into future strategy
• Partner with Information Assurance Team to conduct red-teaming exercises, unannounced penetration testing.
• Ensure that there is effective monitoring of team regarding indicators of compromise, threat intelligence sources, and other key performance indicators.
15% – Executive Communication and Training
• Establish dashboard with KPIs to measure the efficiency and effectiveness of the program and enable the appropriate communication of incident management activities/progression/success
• Regularly meet with SOC/MSSP to review reports, metrics and ensure that service levels are being met
• In partnership with Risk Management, establish training for the company, including Company Leadership (CFO, Chief Legal, CHRO, CEO, etc.)
• In partnership with Risk Management, conduct executive table top exercise
Job Complexity:
Incidents are often ambiguous situations with imperfect data. The Director needs to quickly ascertain the scope of the situation, come up with a plan to address it, and communicate it to leadership, their team and the Nike partners engaged.
The Director shapes Campbell’s Incident Response through analysis of business strategy and risks across an environment that is constantly evolving.
The Director must be able to appropriately allocate resources and services across internal and third party providers. The Director must be able to effectively communicate and engage Executive Leadership (including up to the Board of Directors) in the event of a significant incident.
Responsibilities:
• BA/BS required
• 10 – 12 years of relevant experience in the following areas:
• Cybersecurity experience in large, complex business organizations including understanding of cybersecurity and the relationship between threat, vulnerability and information value in the context of risk management
• Ability to communicate technical security information with all stakeholders and customers in straightforward terms, making complicated technical issues understandable and actionable during a crisis
• Strong proficiency with cybersecurity management frameworks and industry leading practices
• Demonstrated strong knowledge of networks, desktops, servers, cloud and software as a service technology
• Demonstrated ability to build, lead and develop effective, cohesive and collaborative management and operational teams internally and with a third party Security Operations Center
• Proven ability to remain calm and make good decisions under pressure
• Experience with outsourced Security Operations Centers, contracting for and managing service levels etc.
• Ability to prepare financial plans and manage budget
• Demonstrated connections to external Incident Response leaders and learning organizations.
• Working knowledge of Security Event Monitoring Tools such as Splunk, Fortinet Firewalls, Microsoft ATP, EDR tools such as Cylance and Crowdstrike
Working Conditions
Normal corporate office environment, 0-5% travel as required by project assignment need. On call work is required.
The Company is committed to providing equal opportunity for employees and applicants in all aspects of the employment relationship, without regard to race, color, sex, sexual orientation, gender identity, national origin, citizenship, marital status, veteran status, disability, age, religion or any other classification protected by law.
In that regard, U.S. applicants and employees are protected from discrimination based on certain categories protected by Federal law.