Tech Lead, Cyber Security Threat Management and Forensics at Blackbaud
About the role:
Blackbaud is seeking a technical leader for our Incident Response, Forensics, Threat Intelligence and Threat Hunting team. The candidate will help evolve the strategy, technology, execution and operational activities for these functions. The role is critical to Blackbaud's ability to respond to attacks, and proactively evolve our Cyber Security program to stay current with emerging threats.
What you'll be doing:
• This is a player/coach role with the expectation of being an individual contributor and driving the vision and strategy of our program forward. Functions will include incident response, detection and alerting, measuring team effectiveness, and understanding the trends, themes, and details of threats against Blackbaud and its customers. You will leverage lessons learned from each of these areas to drive product and corporate strategy to address root causes.
• This role will be a key team member of our Digital Forensics team, conducting data forensic investigations for enterprise security incidents including but not limited to internal and external intellectual property theft, attacks/intrusions, computer abuse and insider threat investigations.
• Maintain detection, alerting and incident response processes that meet and exceed compliance and regulatory requirements (GDPR, PCI, HIPAA, SOX).
• The candidate will work closely with stakeholders across the organization to deliver and evolve a world-class ability to detect and respond to threats as they affect the company, its clients and users.
• Consume and develop proactive threat intelligence that allows Blackbaud to modify controls in advance of adversaries.
• The candidate and team will also work across Blackbaud to deeply understand business and technology context in order to rapidly respond to emerging threats to the company.
• Follow through on leads until all possible avenues in investigating a case have been exhausted, maintaining full chain of custody and evidence tracking.
• Provide expert analysis and interpretation of forensic artifacts, including expert opinions when necessary, and engage with law enforcement as needed.
What we'll want you to have:
• Bachelor's Degree in Computer Engineering, Computer Science, Cyber Security or related field, or equivalent experience
• 10+ years of experience with significant background in Incident Detection and Response, eForensics and Engineering.
• Deep expertise in Digital Forensics and in-depth threat hunting.
• Understanding of threat intelligence and tracking TTPs (Techniques, Tactics, and Procedures) of notable adversaries.
• Experience working with law enforcement.
• Exceptional relationship and stakeholder management, negotiating competing priorities and demonstrated ability to gain trust, have constructive debates and effectively influence. Ability to manage and lead change within a team and across the organization.
What we'll prefer you have:
• Certification in both management and highly technical information security disciplines such as CISM, CISSP, CCSP, CCNP, CCDE, CCIE Security, and GIAC.
• Digital Forensic and Incident Response Certifications such as GCFE, GCFA, CHFI, CCE, CFC, EnCE, CFCE, CART, NCFI BICEL, BCERT, and/or AFT.
• Previous leadership experience