Best Buy Technical Lead (Associate Manager), Cyber Security Triage in Richfield, Minnesota
Technical Lead (Associate Manager), Cyber Security Triage
940440-105-Global Information Security
The time to join Best Buy is NOW! Thanks to our "Renew Blue" initiative, Best Buy has made incredible progress in the last 4 years, and we're just warming up! Best Buy 2020 - Building the New Blue is in full swing, and we want you to be a part of it! Best Buy is the world’s largest consumer electronics retailer, offering advice, service and convenience – at competitive prices – to the consumers who visit its websites and stores more than 1.5 billion times each year. Our Information Security team is comprised of some of the top minds in the industry, coupled with an array of the best tools available. At Best Buy, you will gain incredible industry experience, and have ample room for career growth.
The Technical Lead, Cyber Security Triage will play a vital role in the 24x7 Threat Detection Operations Center, helping to detect, protect, and respond to cyber security events. In this role, the Technical Lead will be responsible for a team of triage analysts who review, enrich, and escalate events of interest to the Cyber Security Incident Response Team. The Technical Lead will be responsible for multiple aspects of the Cyber Security Triage team, including playbook updates/review, case review, and mentoring of analysts. The Technical Lead will have regular interactions with the Technical Operations team to create new automations, resolve platform issues, and discuss the status of planned upgrades/changes. This role will also have regular interaction with the Cyber Security Incident Response Team to ensure that SLAs are being met and the content of cases meets their expectations. The ideal candidate for this role will have spent time as a SOC analyst and/or Incident Handler and is looking to take their career to the next level by leading and growing a team of analysts to their fullest potential.
What will you do?
Ensure triage analysts are responding to events following documented handling procedures and be able to respond to events yourself
Provide timely review and feedback of cases to Triage Analysts and identify training needs based on case review
Operate within multiple platforms (Antimalware, Application Whitelisting, DNS, IDS, Netflow, Proxy, SIEM, and more) to enrich and provide additional context to events of interest
Utilize internal and external resources for case analysis
Provide regular feedback to peer teams (Technical Operations and Engineering, Incident Response, and Security Analytics) on process improvements and automation of event handling
Perform guided exploration of event data to identify suspicious events that should be reviewed and develop new handling procedures with peer teams
Provide input to daily Cyber Security Command Center briefings on event trends
Why should you consider this opportunity?
Be a part of a new, fast-paced team where your input is heard and you learn something new every day
Information security is one of the largest growing fields which is in high demand
Have the ability to grow and develop your career
Strong written and verbal communications skills
Excellent problem-solving skills
3 or more years of experience as a SOC analyst or Incident Handler
3 or more years of experience working with Windows and Linux platforms
1 year of indirect or direct management/leadership
Ability to work weekends
Previous experience working in a Security Operations Center or similar environment
One or more of the following industry certifications: CISSP, Security+, Network+, CSA+, GCIA, GCI
How we take care of our employees!
In addition to offering a challenging and fulfilling opportunity, we have a competitive salary and bonus program, full benefits including 23 days of PTO (that is 4 weeks!), and a generous employee discount. Our campus has many amazing amenities, including: full cafeteria, fitness center, onsite discounted daycare, not 1 but 2 Caribou’s, US Bank, dry-cleaning service, company store, Farmers Market ONSITE every week, and free covered parking (you won’t have to brush snow off of your car in the winter!)
Address Line 1:
7601 Penn Avenue South
Manager with Direct Reports
Job Search Categories:
Corporate Jobs, Enterprise Risk and Compliance