Sr. Manager Security Operations Center (SOC)

Year    India, India

Job Description


WHAT YOU DO AT AMD CHANGES EVERYTHING

We care deeply about transforming lives with AMD technology to enrich our industry, our communities, and the world. Our mission is to build great products that accelerate next-generation computing experiences - the building blocks for the data center, artificial intelligence, PCs, gaming and embedded. Underpinning our mission is the AMD culture. We push the limits of innovation to solve the world's most important challenges. We strive for execution excellence while being direct, humble, collaborative, and inclusive of diverse perspectives. This is who we are at our best. One Company. One Team.

AMD together we advance_

The Security Operations Center is the central nervous system for enterprise information security, responsible for monitoring, detecting, categorizing, analyzing, and initiating response to security incidents. As the Senior Manager of the Global Cybersecurity Operations Center (SOC), you will lead the detection and response capability for a Fortune 250 enterprise. You will recruit, hire, and develop talent strategically as you build upon a world-class 24x7 capability. You will hold yourself accountable for delivering an exceptional capability in a fiscally responsible manner. You will partner with stakeholders both within Infosec and across the enterprise, identifying risks to the business and developing novel ways to detect and respond to those risks.

THE PERSON:

The ideal candidate is a strong leader with a proven record of hiring and developing talent. You use measurable standards to hold your team accountable for effective and efficient performance, and for constantly elevating their skill. You possess strong multi-tasking skills and enthusiasm for details and should think one step ahead of cybercriminals. You have an insatiable curiosity and deep understanding of How Things Work from which to understand how things might be abused. You should be well prepared to thrive in a fast-paced environment, possessing strong interpersonal and communication skills.

KEY RESPONSIBILITIES:

  • Lead a 24x7 globally-dispersed SOC, ensuring appropriate skill, capacity, and leadership in all shifts.
  • Manage staff, including recruiting/hiring, performance, scheduling, personnel development, service provider management, and resource accountability and evaluation. Make informed decisions about direct versus contractor staffing, and forecast and plan for future staffing needs.
  • Manage the SOC budget, ensuring personnel, products, and services are fit for purpose and are a fiscally responsible use of budgetary resources. Know and manage the cost of providing your service to the company. Forecast future needs and costs effectively to support enterprise financial planning.
  • Hold yourself and your team accountable for rapid and correct assessment of potential threat detections. Establish appropriate and measurable metrics and KPIs, then hold the team accountable for delivering.
  • Drive effective communication across all shifts, ensuring threats recognized and lessons learned are known across the entire team. Communicate incidents at an appropriate level of detail to all levels of the organization. Clearly and accurately communicate risk and trade-offs to business owners and company executives, enabling them to make appropriate decisions.
  • Collaborate with the CSIRT manager to ensure a clear and highly effective working relationship between SOC and CSIRT. You will understand CSIRT best practices and the AMD incident response model, and will adapt both as appropriate to resolve specific incidents. You will coordinate with external teams to get the support needed for incident closure.
  • Collaborate with the Threat Operations manager to support threat hunting and forensic analysis. Your team uses sound DFIR methodology to creatively find new and unusual threats and to determine the reach of a threat identified by the front line.
  • As the senior manager you set the pace. Train junior analysts on incident response process and tasks. Constantly improve DFIR processes and procedures to improve speed and accuracy.
  • Understand, use, monitor, and optimize existing SIEM rules and SOAR processes. You will continually look for ways to improve detection accuracy and reduce false positive alerts, and for ways to accelerate or automate response processes.
  • Propose and develop new use cases and playbooks/SOPs. You will propose and develop automation for recurring incidents and incident tasks, and will identify and onboard new data sources to support new threat detection and response use cases.
  • Collaborate with technical and business experts from partner organizations including IT, Engineering, Finance, Audit/Compliance, HR/Legal, Corporate Security.
  • Escalation point for a global 24x7x365 SOC environment.

IDEAL CANDIDATE WILL HAVE:

  • 8+ years' experience in information security, cybersecurity, digital forensics, information technology, or equivalent law enforcement or military experience; at least 3 years' direct experience with cybersecurity operations, preferably in a large (10,000 employee) enterprise environment.
  • 3+ years' experience as a manager of people, including direct reports geographically separated from yourself, preferably in a security operations or emergency services capacity.
  • Experience in working with a geographically diverse team in multiple time zones around the globe.
  • Broad experience managing complex projects, particularly projects requiring support and partnership outside your immediate team.
  • Deep understanding of the ATT&CK matrix, with demonstrated experience building use cases and SOPs around the TTPs most relevant to your business.
  • Expert communication skills, including technical writing (documenting processes and procedures), presenting to technical peers, and communicating to executive leadership.
  • Ability to solve problems and work through ambiguity and uncertainty.
  • Expert level understanding of common and emerging security threats and vulnerabilities.
  • Self-motivated, with proven ability to deliver end-to-end solutions in a high-tech and fast-moving industry.
  • Industry security certifications such as CISSP and relevant GIAC certifications.
  • Understanding of the NIST Cyber Security Framework standard and requirements, and ability to apply them to an enterprise environment.
  • Experience with infrastructure operations and processes associated with IT service management in an Enterprise-level organization.

Benefits offered are described: .

AMD does not accept unsolicited resumes from headhunters, recruitment agencies, or fee-based recruitment services. AMD and its subsidiaries are equal opportunity, inclusive employers and will consider all applicants without regard to age, ancestry, color, marital status, medical condition, mental or physical disability, national origin, race, religion, political and/or third-party affiliation, sex, pregnancy, sexual orientation, gender identity, military or veteran status, or any other characteristic protected by law. We encourage applications from all qualified candidates and will accommodate applicants' needs under the respective laws throughout all stages of the recruitment and selection process.

Monster

Job Detail

  • Job Id
    JD3025097
  • Industry
    Not mentioned
  • Total Positions
    1
  • Job Type
    Full Time
  • Salary
    Not mentioned
  • Employment Status
    Permanent
  • Job Location
    India, India
  • Education
    Not mentioned
  • Experience
    Year