Director, Threat Analysis & Response

Xylem Inc. Chicago, IL 60602

Posted 2 weeks ago

Xylem |ˈzīləm|

  1. The tissue in plants that brings water upward from the roots;
  2. a leading global water technology company.

We're a global team unified in a common purpose: creating advanced technology solutions to the world's water challenges. Developing new technologies that will improve the way water is used, conserved, and re-used in the future is central to our work. Our products and services move, treat, analyze, monitor and return water to the environment, in public utility, industrial, residential and commercial building services settings. Xylem also provides a leading portfolio of smart metering, network technologies and advanced analytics solutions for water, electric and gas utilities. In more than 150 countries, we have strong, long-standing relationships with customers who know us for our powerful combination of leading product brands and applications expertise with a strong focus on developing comprehensive, sustainable solutions. For more information, please visit us at

If you are excited and passionate about helping us solve water, we want to hear from you!

The Role: Xylem seeks to hire a Director of Threat Analysis & Incident Response to be the global focal point for 24/7 security incident management across the Company. This leader will coordinate appropriate response and actions, utilizing multiple platforms, suppliers, and internal and external support groups. The Director will lead a team of security professionals whose core function is to provide continuous cybersecurity monitoring, incident triage, investigative response and data analysis services for the Company, as well as to run coordinated tabletop exercises. The Director provides leadership and guidance and acts as a primary contact for senior management across the enterprise on the evaluation, development, implementation, and monitoring of information security strategies and tools for effective response.

The position will require collaboration across business units, IT infrastructure and application teams, software development and cloud architecture, and other internal functional groups (Legal, Procurement) to ensure that the strategy and execution elements of Global Cybersecurity meet the needs of Xylem.

Essential Duties/Principal

  • Responsibility for information cyber security analysis & response with the mission of protecting against internet attacks / threat actors.

  • Lead the Cyber Threat Analysis & Response organization, to include the Continuous Threat Analysis Center (24/7), Incident Response Center, Cyber Counter Threat and Intelligence capabilities.

  • Lead initiatives and the implementation of capabilities in order to advance the Cyber Threat program.

  • Provide guidance and advocacy with regard to prioritization of Cyber Security investments, while ensuring effectiveness and risk reduction are gained; provide leadership and coordinate with stakeholders on matters relating to the definition of cyber security architectural principles and standards.

  • Enhance and distribute security incident response and escalation procedures to ensure timely and effective handling of security events and alerts.

  • Enhance the Cyber Security program and strategy, and expand threat management services across global business units.

  • Maintain industry affiliations that provide the necessary intelligence to proactively respond to threats. Such affiliations may include ISACs (Information Sharing and Advisory Center), Europol, US DHS (Department of Homeland Security), FBI, etc.

  • Apply knowledge of technical, analytical, project management, and negotiating skills to ensure the confidentiality, integrity, and availability of all information systems assets and ensure compliance with company policies, procedures, contractual, and regulatory requirements.

  • Establishes and governs security event monitoring/detection and cyber threat response and recovery capabilities, and serves as the subject matter expert regarding all information security incident responses for the enterprise, including insider threat and data loss prevention.

  • Works with IT Leadership to proactively develop and monitor information security strategies to protect the company from existing and future threats.

  • Actively provides consistent communication to key IT and business stakeholders on metrics and measures and the potential of new threats

  • Provides end-to-end problem management and root cause analysis for security incidents across the Enterprise

  • Works with security architecture & engineering, penetration testers, and strategic partners to architect advanced solutions to address issues

  • Provide extensive support and assistance to senior leadership for decisions on future investments and addressing complex issues impacting Xylem's security posture.

  • Coordinates with internal and external partners to negotiate and place security-related orders for services.

  • Provides input in the development of operating and capital budgets.

  • Work closely with the Chief Security Officer on the development of functional goals and objectives.

Minimum Qualifications:
Education, Experience, Skills, Abilities, License/Certification:

  • Bachelor's degree in STEM field, related discipline, or equivalent experience.

  • Minimum 8+ years of increasingly diverse and complex experience in the field of Cybersecurity within a global environment, with at least 5+ years in security architecture and application, infrastructure security.

  • Excellent verbal/written communication, collaboration, analytical and presentation skills to lead an environment driven by customer service and teamwork; must be able to set goals and participate in strategic initiatives for a team, foster the development of high-performance teams, and interface with all levels of the organization; ability to participate in development of resource plans and structures and influence organizational priorities.

  • Extensive experience working with Cyber Security vendors negotiating rates, contracts, and service level agreements.

  • Excellent communication, analytical, and writing skills with the ability to participate in and lead team-based projects.

  • Ability to carry high-level conversations; proven ability to present to senior leadership.

  • Experience with and in-depth understanding of the latest security principles, application security architecture, security technologies, techniques, standards and protocols.

  • Experience managing and configuring security technologies such as Next Generation Firewalls, Intrusion Prevention, anti-malware/anti-virus, endpoint security technologies, SIEM, and log collection/management.

  • Must work well in a dynamic team that is geographically dispersed.

  • Must maintain information security/cybersecurity certifications (e.g. CISSP, GCIH/ECIH, CISM).

  • Analytical decision making

  • Influential communication

  • Business focused delivery

  • Inspiring accountability

  • Continuous improvement mindset

  • Leading people & teams (for people manager)

  • Cross-boundary collaboration

  • Managing change

  • Design Excellence

  • Planning & prioritizing work

  • Developing capability (for people manager)

  • Project management

Physical Demands:

(The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.)

  • Regularly required to sit or stand, reach, bend and move about the facility

Work Environment:

(The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.)

  • Office: Standard office equipment; work usually performed in an office setting free from any disagreeable elements.

  • Standard weekly job hours: 40 hours

EOE including disability and veteran

Similar Jobs

Incident Response / Threat / Vulnerability Program Manager

The Climate Corporation

Posted 2 weeks ago

Position Overview:

This position reports to the Security Programs and Information Security Management System (ISMS) Lead in the Climate Security Office. You will be responsible for managing the day-to-day Incident Response (IR) process, ensuring that your IR colleagues in our parent companies have access to our systems and networks to ensure the processes you develop in conjunction with them are effective, efficient, and executable. You will also be responsible for working with reports of threats and vulnerabilities within Climate's systems and networks, ranging from insider threat to external actors, and vulnerability in open source, Commercial Off The Shelf (COTS), and in-house developed software. You will work with IT, Engineering, and Operations teams to mitigate risk from threats and vulnerabilities using a range of measures. You will liaise with your colleagues in our parent companies to effectively investigate and report on insider threats. Lastly, you will work with colleagues in the Security Office to report accurately the risk picture arising from vulnerable systems and software, the use of non-compliant software, and threat actors.

What You Will Do:

This is a challenging job with several interrelated responsibilities. Climate has complex, diverse computing environments, both on-premise and in cloud environments, used by business operations, Engineering (software development), and Operations (our production environment). You will work with IT and Operations teams, and your colleagues in the greater Incident Response (IR) teams in our parent companies, to scope, develop, test, and operationalize incident response plans. These plans will document how incidents are detected and qualified, who has responsibility for triaging them, how and who they are escalated to, and how the IR teams respond.

You will ensure that IR teams have access to each of the computing environments to perform their duties. You shall work with Departments and the Procurement function to qualify and ensure that future technology purchases are integrated into IR planning and processes.

Within our computing environments you will be responsible for vulnerability management. You will work with teams responsible for each environment to ensure they are free of vulnerability using a range of tools and business processes, from vulnerability scanning, software inventory, to governance. You shall develop the processes to identify vulnerable systems and work with system owners to ensure that vulnerability is removed or risk attached to it mitigated sufficiently. You shall provide accurate reporting on the state of the computing systems we use. You shall work with Departments to report unsanctioned software to ensure its removal, and to identify legitimate software in use.

You shall be a key part of our threat management function, working with intelligence feeds from our parent companies, to identify internal and external threats. You will ensure that the intelligence is incorporated into our IR and vulnerability management programs. You will work with the Internal Risk team in our parent companies.

You will work with Security Engineering teams in IT and Operations to qualify technology that can be leveraged to implement the IR and threat and vulnerability management programs, and to participate in its acquisition, deployment, configuration, and operationalization. You will be a consumer of the reports and insight that the technology provides. You will provide your insight and expertise into shaping and implementing policy and standards around our computing environments to reduce risk from threats and vulnerabilities.

Basic Qualifications:

  • Bachelor's degree in Computer Science, Computer Engineering, or other technical degree, or relevant work experience.

  • Hands-on experience in a senior role in Incident Response, Threat and Vulnerability Management, or general Security Operations programs.

  • Previously worked to identify, select, deploy, operationalize, manage, and consume reports from technology specific to Incident Response, Threat and Vulnerability Management, Insider Threat, or similar.

  • Experience in project and/or program management and developing processes specific to information and/or cybersecurity.

Preferred Qualifications:

  • Master's degree, preferably in a related field.

  • Management of an Incident Response, Threat and Vulnerability Management, or general Security Operations team.

  • Hands-on experience with security enabling technologies such as Splunk, Qualys, Rapid7, RSA Archer, JAMF, Tanium, SCCM, ServiceNow, etc.

  • Use of CMDBs and equipment inventory technologies.

  • Results-oriented with the demonstrated ability to effectively prioritize and successfully manage security and/or privacy projects beyond general management.

  • Track record of senior management and C-level presentations.

What We Offer:

Our teams are composed of industry experts, top scientists, and talented engineers. The environment is extremely engaging and fast-paced, with dozens of specialties coming together to provide the best possible products and experiences for our customers.

We provide competitive salaries and some of the best perks in the industry, including:

  • Superb medical, dental, vision, life, disability benefits, and a 401k matching program

  • A stocked kitchen with a large assortment of snacks & drinks to get you through the day

  • Encouragement to get out of the office and into the field with agents and farmers to see first-hand how our products are being used

  • We take part in and offer various workshops, conferences, meet-up groups, tech-talks, and hackathons to encourage participation and growth in both community involvement and career development

We also hinge our cultural DNA on these five values:

  • Inspire one another

  • Innovate in all we do

  • Leave a mark on the world

  • Find the possible in the impossible

  • Be direct and transparent

Learn more about our team and our mission: The Climate Corporation - The Technology Behind Making A Difference or visit

As part of our dedication to the diversity of our workforce, The Climate Corporation is committed to Equal Employment Opportunity without regard for race, color, national origin, ethnicity, gender, protected veteran status, disability, sexual orientation, gender identity, or religion. If you need assistance or an accommodation due to a disability, you may contact us at

The Climate Corporation, Chicago, IL
