GTO Team Leader

About Trustwave
Trustwave is a leading cybersecurity and managed security services provider focused on threat detection and response. We uncover threats that others can’t and respond quicker than others can to protect against the devastating impacts of cyberattacks. We’re a world-class team of cyber consultants, threat hunters and researchers serving clients in 96 countries. At Trustwave, you can learn alongside the best, make a personal impact on a global scale, and solve new challenges every day. Learn more about us at https://www.trustwave.com.

Trustwave, a market leader in cybersecurity, is seeking a highly skilled and experienced Cyber Security Operations Team Lead to join our Global Threat Operations (GTO) team. GTO is at the forefront of delivering managed threat detection and response (MDR) services worldwide, ensuring the protection of our client’s critical business assets. As a cyber security global leader, you will play a pivotal role in orchestrating our clients managed detection and response services.
Ideal Candidate
As the Cyber Security Operations Team Lead, you will provide leadership and technical expertise to a team of cyber threat analysts and engineers. You will act as a critical point of contact for managing and responding to security events, ensuring compliance with service level agreements (SLAs), and continuously improving security processes. Your leadership will be instrumental in achieving customer satisfaction and the overall success of our managed services. In addition to mentoring and leading your team, you will play a key role in developing new service offerings and integrating new technologies into our services portfolio.
Key Responsibilities

• Team Leadership: Lead and mentor a team of cyber threat analysts and engineers, providing guidance and technical expertise to ensure efficient threat detection and response.
• Thought Leadership: Act as both a team and thought leader to junior threat team members within the region and interact with peer leads and management across regions.
• Security Event Analysis: Utilize strong operating system, TCP/IP networking, and application skills to analyze and understand detected threats.
• Incident Response: Analyze and respond to security events from various sources, including firewalls, EDR, IDS, IPS, SIEM (Qradar, Splunk, ArcSight, LogRhythm), Web Application Firewall (WAF), and other security data sources, within documented SLAs.
• Proactive Protection: Tune security devices for proactive blocking and detection based on customer business requirements.
• Configuration and Management: Configure, manage, and upgrade protection policies for Intrusion Detection Systems (IDS), Intrusion Protection Systems (IPS), Security Information and Event Monitoring (SIEM) platforms, and Endpoint Detection & Response Platforms.
• Process Improvement: Create, enhance, and document processes for the management and monitoring of security solutions.
• Customer Engagement: Demonstrate leadership in all aspects of customer service, responding to customer needs and inquiries in a polite, positive, and professional manner.
• Mentorship: Act as a mentor and escalation point for analysts and engineers within GTO, developing training plans to elevate their performance.
• Project Leadership: Lead projects to develop new service offerings and integrate new technology into our services portfolio.
• Collaboration: Collaborate with internal engineering teams to facilitate the implementation of new features and functions.
• Data Analysis: Collect and report on data trending across multiple products and customers, providing input and guidance on new product development.
• Security Awareness: Understand the broader security and threat landscape, concerns, and motivations.
• Process Improvement: Collaborate with management on process enhancement, documentation, and definition for threat analysis and classification.
• Culture of Growth: Foster a culture of growth and development within the teams, actively recognizing and rewarding team members for exceptional contributions.
• Shift Flexibility: Be available to provide oversight or work any shift within your direct reports 24/7/365 operations, including nights, weekends, and holidays.

Why it Matters:
Joining our team means becoming a vital part of a market-leading force dedicated to safeguarding critical assets, solving complex security challenges, and delivering innovative services that meet the security needs of our global customer base.

Why You Will Love It:
Exceptional Team: Lead a highly skilled team and collaborate with experienced leaders in cybersecurity who share your passion for delivering market-leading Managed Security Services.
Global Exposure: Gain insight into various aspects of the Managed Security Services business, with your leadership and actions directly impacting the security of organizations worldwide.
Ownership and Impact: Assume responsibility for defining and executing processes that consistently deliver outstanding results.

Skills & Knowledge Requirements:
The ideal candidate should have skills and knowledge in some of the following areas:

• Project and Queue Management
• SOC Operations/Management
• Endpoint Detection & Response
• Security Information and Event Management (SIEM)
• Unix/Linux and Windows system administration
• Information security best practices and network security architecture
• Signature-based security products
• Current exploit and remediation techniques
• TCP/IP networking
• Vulnerability Scanning technologies
• Log collection and analysis tools
• Threat Intelligence
• Incident Response/Forensics
• English: Demonstrated Fluency

Desired Experience:

• 7 or more years of information security or networking experience.
• Previous operational experience as an analyst, engineer, or team lead.
• Excellent customer service skills.
• Strong analytical thinking and problem-solving skills.
• Strong oral and written communication skills.
• Self-managed and team-oriented, with the ability to coach and teach.
• Responsive, collaborative, and highly motivated.
• Leadership and management experience.

Preferred:

• Bachelors/Masters Degree in Information Technology or a similar area of study.
• At least 7 years of experience in Information Security or Networking.
• Certification in a security-related industry, vendor, or professional certification

Education:

• A bachelors degree in a security discipline or a related field is preferred. However, a minimum of a high school diploma or equivalent is required for employment.

If you are an experienced cybersecurity professional with a track record of leadership, technical expertise, and a passion for safeguarding organizations, we encourage you to apply and become a part of our mission to protect organizations worldwide. Join Trustwave and help redefine the future of cybersecurity.

This is a remote opportunity open to anyone legally authorized to work in the Philippines. Guided by our flexible workplace philosophy, Moments That Matter, people gather in the office when in-person interaction is most impactful; full-time remote employees may be asked to travel occasionally based on the needs of the team and the business.

Trustwave is an Equal Opportunity Employer. Were committed to treating everyone with respect, one of our core TRUST Values, and strive to create a culture that empowers all Trustees to be their best, most authentic selves. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status, age, or any other federally protected class.

To All Agencies:
Please, no phone calls or emails to any employee of Trustwave outside of the Talent Acquisition team. Trustwave’s policy is to only accept resumes from agencies via the Trustwave Agency Portal. Agencies must have a valid fee agreement in place and they must have been assigned the specific requisition to which they submit resumes, by the Talent Acquisition team. Any resume submitted outside of this process will be deemed the sole property of Trustwave and in the event a candidate is submitted outside of this policy is hired, no fee or payment of any kind will be paid.