Director Cybersecurity Operations and Incident Response

at Diebold Nixdorf
Published December 13, 2019
Location North Canton, OH
Job Type Full-time  

Description

The Director of Cybersecurity Operations and Incident Response is responsible for cybersecurity related functions within Diebold Nixdorf. These responsibilities span across corporate functions and a managed security services offering to our customers. The Director of Cybersecurity Operations and Incident Response will oversee multiple teams responsible for conducting SIEM operations, security monitoring, threat hunting, management of security technologies, and security incident response. This position requires the perfect balance of technical expertise, strategy and management reporting.

This position can sit remotely.

Responsibilities:

  • Develop and implement Diebold Nixdorf Cybersecurity Operations and Incident Response vision, strategy, and road map in partnership with appropriate teams across technology and business units
  • Build out and maintain a global Cybersecurity Operations and Monitoring function that spans North America, Europe and Asia
  • Lead and support the development, automation, execution and monitoring of security operations controls in support of the Information Security program, including the writing of needed documentation such as standards, procedures and guides
  • Maintain relationships with SIRT team members across the business and support functions, ensuring that Incident Response processes are designed to respond to and recover from security incidents
  • Responsible for managing, maintaining and executing Diebold Nixdorf's vulnerability management program
  • Manage relationship with MSSP provider(s) and conduct quarterly business reviews holding vendors accountable to contractual agreements and continuous improvement
  • Serve as the security incident commander for major or high-profile security incidents including validating and raising incidents, coordinating response, facilitating information sharing and conducting reporting
  • Provide timely and relevant updates to appropriate executives, leaders and decision makers
  • Test and maintain incident response plans and processes to address existing and emerging threats
  • Organize & maintain documentation for executive and targeted functions for table-top exercises
  • Handle IR retainers and coordinate third party engagements
  • Establish meaningful KPIs for team performance & SLAs/OLAs with a mindset of continuous improvement
  • Train and mentor team members, analysts, engineers & investigators

Qualifications:

Requires experience having built out a successful, best-in-class cybersecurity operations function with demonstrated competency in security incident response, technical assessments, strong customer focus, change & innovation, strategic thinking, relationship building & influencing, talent management, and inspirational leadership.

Additional Qualifications:

  • 7+ years in Cybersecurity Operations
  • 4+ years leading Cyber Security Operations, including team manager role
  • A deep understanding of cyber-security threats, vulnerabilities, controls and remediation strategies in global enterprise environments
  • Knowledge of technologies, systems and networks as well as typical gaps that could impact the ability of an organization to effectively detect and respond to cyber attacks
  • An ability to communicate complex and technical issues to diverse audiences, verbally and in writing, in an easily understood, authoritative, and actionable manner
  • Strong organizational skills with ability to handle multiple high visibility issues simultaneously
  • Strong oral and written skills with experience communicating technical details of a security incident with all levels of management in a clear and easy to understand common vernacular
  • Experience with large scale and complex incidents of all types to include Advanced Persistent Threats, DDoS, insider, web and mobile applications, data exfiltration, etc.
  • Knowledge and demonstrated competency of using the MITRE ATT&CK framework
  • Demonstrated knowledge of NIST 800-61 standard for security incident handling
  • Demonstrated experience implementing a comprehensive threat hunting program
  • Knowledge and experience implementing cybersecurity operations controls within a DevSecOps development process

Diebold Nixdorf, Incorporated is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, marital status, age, national origin, genetic information, disability or protected veteran status.