Cyber Security Lead - Threat & Hunt

Why Work For Us?

• Great Pay - opportunity to participate in AAA discretionary annual incentive plan or other incentive plans depending upon position
• 401k Matching – $1 for $1 company match up to 6% of eligible earnings per pay period
• Benefits – Medical, Dental, Vision, wellness program and more!
• Paid Holidays
• Paid Time Off – Team Members accrue paid time off monthly. Depending on position, an additional 24 hours per year are earmarked for volunteer activities.
• Collaborative Environment – AAA will value your contribution to providing exceptional service to our members
• Free AAA Classic Membership
• AAA Product Discounts
• Tuition Reimbursement Program

.

At AAA, our Team Members strive to deliver amazing service and help our Members outsmart life’s roadblocks. We believe everything you do outside of work adds to who you are at work. We're working to transform AAA for the next century with a mission to create Members for life by unleashing the innovative spirit of our Team Members.

NOTE: This role is hybrid and requires 3 days a week in our Phoenix, AZ office.

Job Summary
Our Cyber Security Lead, Threat & Hunt will be responsible for establishing and enhancing foundational information security controls in support of a fast-growing organization. This is a highly visible, hands-on position responsible for identifying and mitigating security risks. This individual will be the resident security expert and drive efforts focused on both corporate cyber security and product security.  

Essential Functions
• Oversee all aspects of enterprise-level cyber security
• Apply risk-based approaches to product security (e.g. home security system)
• Establish foundational information security controls, including Critical Information Security (CIS) controls 1-6: Hardware/Software Inventory, Continuous Vulnerability Management, Secure Configuration, Access Control, Logging and Monitoring
• Influence engineering decisions in areas such as firewalls, operating systems, malware protection, IDS/IPS, and various network monitoring and protection methods
• Support audit and assessments relative to cyber security including PCI-DSS
• Deliver periodic compliance status reports to management utilizing tools to track planning, scheduling, issues, risks, and the overall status of compliance efforts
• Plan and implement a comprehensive vulnerability management program.
• Manage remediation of any findings from internal or external assessments.
• Work with business units to design, implement, and maintain business continuity and disaster recovery programs
• Perform regular security awareness training for all employees to ensure consistently high levels of compliance with enterprise security documents
• Communicate risks and risk mitigation options to key stakeholders

Knowledge/Skills/Abilities
• Must have experience in designing or implementing robust cyber security programs
• Practical skills in cyber security (ex: patching, system hardening, penetration testing)
• Knowledge of security control frameworks (ex: NIST 800-53 or NIST 800-171)
• Experience in developing Business Continuity Plans and Disaster Recovery plans
• Strong leadership, communication, and presentation skills to senior management
• Experience securing IT operations and/or applications
• Solid project management, risk management, and/or vendor management skills
• Excellent communications and interpersonal skills

Education & Experience/Licenses & Certification
• College diploma in the field of computer science and/or equivalent work experience, Bachelor's degree is preferred.
• 10+ years experience in progressively more responsible information systems and technology including at least 5+ years in security leadership and/or management roles preferred
• Required to have one of the following certifications: CISSP PCI ISA PMP, OSCP, CEH
• Ability to provide a portfolio of hands-on skills preferred

-