IT Manager - Global Cyber Security - Incident Response

Overview

Enterprise Mobility is the world’s largest car rental operator and an industry leader in mobility and technology. We’re one of the top global travel companies, ranking ahead of many airlines and most cruise lines and hotels. And no matter what transportation challenges our customers face, we have an innovative solution.

We operate the Enterprise Rent-A-Car National Car Rental and Alamo Rent A Car brands via more than 10,000 fully staffed neighborhood and airport offices, including franchisee branches, in over 90 countries and territories.

Through this robust global network, we operate a fleet of over 2.3 million vehicles and provide a comprehensive portfolio of transportation solutions, including car rental, carsharing, vanpooling, car sales, truck rental, vehicle-subscription and affiliated fleet management services. As a total mobility provider, we serve the needs of a wide variety of customers, businesses, government agencies and organizations every day.

At the center of it all, our dedicated IT teams innovate, design and develop the technology that is redefining how customers rent, buy and share vehicles from our family of brands. Here, you will be part of a diverse and talented team that creates and delivers powerful technology solutions for our customers and employees across the world with the resources and support to develop in a variety of career paths.

As an Enterprise Mobility team member, we offer an excellent package with market-competitive pay, comprehensive healthcare packages, 401k matching & profit sharing, schedule flexibility, work from home opportunities, paid time off, and organizational growth potential.

This position offers the opportunity to work fully remote within the United States (except for Alaska and/or Hawaii). Team members who choose virtual/remote work should have an adequate space to serve as their home office, and must be able to work a schedule within U.S. Central Standard Time core business hours. #LI-REMOTE

Responsibilities

The Information Security Office’s (ISO) vision is to realize a culture of security that manages risks, defends against threats, and integrates information security into business and technology. The Global Cyber Security (GCS) Team supports this vision through the detection, analysis, and mitigation of cybersecurity threats facing Enterprise Mobility. The GCS Incident Response (IR) Team under GCS is responsible for coordinating and investigating cybersecurity incidents and conducting other investigations supporting GCS and Enterprise Mobility business functions.   

As an IT Manager over the IR Team, you will: 

• Maintain an environment where your employees feel included, valued, and supported.
• Be responsible for leading, coaching and mentoring a team of results-oriented security analysts
• Oversee moderate to complex cybersecurity incidents using fundamental incident response processes and approach
• Responsible for guidance and management of daily security prioritization, including case tracking, prioritization, and communication
• Present complex technical incident details to legal, privacy, and senior Enterprise Mobility leadership for evaluation
• Use lessons learned to improve Enterprise Mobility's security posture in conjunction with the GCS leadership team
• Ensure a constant state of incident readiness that adapts to the changing threat landscape by maintaining playbooks and processes used by the team
• Coordinate and lead a cyber threat intelligence program, ensuring timely collection, analysis, and dissemination of actionable threat information
• Ensure forensic practices are followed in the collection and preservation of data related to security incidents and other investigations
• Establish and maintain key performance metrics for the team and ensure proper case management and incident severity guidelines are followed

Required Skills & Abilities:

• Experienced professional, with a well-rounded understanding of Information Technology and security
• Knowledge and understanding of evidence preservation and chain of custody issues
• Exceptional communication skills, both oral and written
• Demonstrable aptitude for leadership, collaboration, and relationship management
• Proven ability and success in coaching, mentoring, and motivating others to accomplish goals
• Must have strong personal management skills emphasizing time management, organization, and attention to detail
• Must be flexible and adaptable to changing requirements and responsibilities, and be able to deliver high-quality results
• Must have excellent problem-solving and analytical skills, the ability to define problems, collect data, establish facts, and draw valid conclusions
• Must be able to work independently with a sense of ownership to accomplish department and project tasks
• Ability to maintain a high degree of confidentiality

Equal Opportunity Employer/Disability/Veterans

Qualifications

Required:

• Must be presently authorized to work in the U.S. without a requirement for work authorization sponsorship by our company for this position now or in the future
• Must reside in the United States (does not include Alaska or Hawaii)
• Must be able to work a schedule within U.S. Central Standard Time core business hours.
• Must be committed to incorporating security into all decisions and daily job responsibilities
• 6+ years of related experience
• 3+ years of experience leading incident response related directly to moderate to complex security incident management
• Functional knowledge of security tools and capabilities, including EDR, SIEM, DLP, and forensic tools suites

Preferred:

• Prior experience managing a team, including responsibility for performance management, team development, and staffing. 
• Prior cyber threat intelligence experience to include identifying program goals, analyzing threat intelligence feeds, and dissemination of actionable threat intelligence  
• CISSP, CISM, Security + or similar