[Remote] Manager, Information Security – IR & Insider Risk

Note: The job is a remote job and is open to candidates in USA. Victoria’s Secret & Co is a world-leading specialty retail brand recognized globally for innovation and excellence in lingerie and fashion. The Manager, Information Security – IR and Insider Risk will lead the Information Security Incident Response team, focusing on insider risk and incident management while collaborating with multiple business and IT partners.

Responsibilities
• Lead the Incident Response team and coach team members through incident response and management
• Be available 24/7 for on-call purposes in leading incidents that span multiple time zones
• Establish and lead a dedicated insider risk team, leveraging people, process, and technology to best defend our organization from potential internal threats
• Hold our incident handlers accountable to following process, documenting process, and thorough cyber investigations to protect VS&Co to its fullest potential
• Ensure incident handlers have adequate knowledge of the environment they are protecting
• Participate and help lead technical tabletop exercises for IT and security stakeholders, simulating real-world attack scenarios
• Responsible for development of team members in both offensive and defensive security disciplines – driving alignment on technologies and platforms in use at VS&Co
• Conduct administrative management duties including performance management, talent development and related administrative tasks
• Develop, tune, and report on KPI’s for our SOC, and insider risk teams
• Oversee deployment, tuning, and operational use of insider risk technologies (DLP, UEBA, CASB, IAM analytics)

Skills
• 8+ years' experience in Cybersecurity Technologies
• 3–5 years of experience in incident response handling
• 3–5 years of experience utilizing enterprise security toolsets for investigations and proactive security control enforcement (SIEM, EDR, firewall, WAF, etc.)
• Demonstrated hands-on expertise and impact in similar roles in fast-paced, complex environments
• Strong understanding of MITRE ATT&CK framework, threat emulation, and detection engineering
• Experience utilizing telemetry of all types; including, but not limited to: DLP, UEBA, CASB, IAM toolsets, and cloud service providers (Azure, GCP, AWS)
• Proven leadership or mentoring experience in cybersecurity teams
• Ability to communicate and engage effectively at all levels of the organization within IT and with non-IT stakeholders
• Experience in building purple team programs from the ground up
• Familiarity with cyber threat intelligence and TTP development
• Experience managing third parties to help deliver managed bot mitigation and WAF capabilities for web-based applications
• Relevant certifications (e.g., CISSP, GCIH, CTIP, SSCP, CISM)
• Experience working in or securing retail environments, including POS systems, eCommerce platforms, and distributed IT infrastructure
• Bachelor's degree in information technology or equivalent experience

Company Overview
• Victoria’s Secret & Co. It was founded in 1977, and is headquartered in Columbus, Ohio, USA, with a workforce of 10001+ employees. Its website is https://www.victoriassecret.com/.

Apply tot his job

Apply To this Job

Ready to Apply?

Don't miss out on this amazing opportunity!