Director, Incident Response
Location: Redwood City, California US
Requisition Number: 152782
Position Title: Director Engineering - Security
We’re EA—the world’s largest video game publisher. You’re probably familiar with many of our titles—Battlefield 5, Star Wars Battlefront II, Madden, FIFA, The Sims, Need for Speed and Dead Space to name a few. But maybe you don’t know how we’re committed to creating games for every platform—from social to mobile to console—to give our consumers that anytime, anywhere access they demand. What does that mean for you? It means more opportunities to unleash your creative genius, be inspired by those around you and ignite your path in any direction you choose.
The Incident Response (IR) Director is a highly technical role that plays a pivotal role in security risk management across all of EA and leadership within the Global Security Incident Response Team (GSIRT).
The primary mission of this role is to provide front line IR leadership and coordination for cyber security incidents. You will drive Incident Response Operations during these high-profile events. You will be the deputy for Incident Response Operations across EA and as a senior incident commander and be responsible for:
- Leading GSIRT’s response to specific security incidents across EA and, where necessary, directing the work of other analysts in the team to effectively mitigate & close the incident;
- Pulling together an effective remediation plan and providing quick decisions on suitable courses of action to manage risk;
- Regularly communicating the status, resolutions and final root cause analyses to the appropriate stakeholders and other security leaders;
- Leading meetings and working with others to drive actions required by stakeholders;
- Pulling together the results from attack analysis and forensics to drive effective response and closure;
- Working closely with the Head of IR Operations to ensure effective response to security incidents across EA and drive the efficiency of the IR Operations team;
- Work with external partner companies to collaborate on mutual threat actors and ensure that GSIRT has the latest threat intelligence to pivot from.
The IR Director will report into the Global Security Incident Response Team (GSIRT) within the EA Security organization and maintain strong relations with internal business partners across the company. They will also work closely with several key teams within EA Security including the GSIRT Analysts, Security Operations Centre (SOC), and the Enterprise and Online Security Team.
A successful candidate for this opportunity will have excellent working knowledge of all aspects of cyber security incident response, intelligence-driven-defence, attack analysis, computer forensics (host and network based), networking, operating systems. They will also possess strong written and verbal communication and interpersonal skills. Patience and a passion for the work are additional indicators that you would be well-suited for this position.
- Respond to threats such as APTs and other forms of targeted attacks, and broad-based threats such as malware, data leakage, phishing,
- Lead security incident response meetings with security, game studios, IT and other business stakeholders.
- Assemble and coordinate with technical teams and third-party vendors to resolve incidents as quickly and efficiently as possible.
- Communicate effectively with representatives of the Lines of Business, technology specialists, and vendors.
- Perform analysis to validate the findings of junior analysts – to include analysis of assets, including logs, malware samples, hard drive images, etc.
- Reconstruct events of a compromise by creating a timeline via correlation of forensic data.
- Conduct root cause analysis to identify gaps and recommendations ultimately remediating risks to EA.
Experience and Qualifications
The ideal candidate will have the following skills and experience:
- Strong experience in leading security incident meetings, dividing responsibilities, and influencing people to act to assist in the resolution of security incidents
- Problem solving to learn new technical and non-technical analysis techniques to overcome problems
- Strong experience with intrusions analysis and security incident response of APT’s and broad-based threats.
- Ability to assess security incidents quickly and effectively, communicate a course of action while mitigating risk and limiting impact to EA's reputation and ability to operate effectively
- Industry experience in a large, mission-critical environment
- Experience in coordinating and gaining the trust of business stakeholders, technical resources, and third-party vendors
- Strong experience working with attack analysis and forensic tools (e.g. Encase, FTK, Carbon Black, Bit9, Cuckoo sandbox, open source tools etc.)
- Some coding (scripting) experience e.g. Perl, VB Script, Python, etc.
- Expert level understanding of TCP/IP fundamentals, network protocols, network flow data, system administration and network architectures
- Strong understanding of Windows & Linux operating systems
- Experience with SIEMs e.g. Elk, ArcSight, QRadar, ArcSight etc.
- The ability to understand complex problems while formally presenting them simplistically to executives and senior business stakeholders
- Experience teaching and mentoring preferably in intrusions and incident response related skills
- Knowledge of industry good practice for foundational security elements including network device and system-level hardening
- Ability to identify both tactical and strategic solutions
- Ability to work independently and in a cross functional team
- Occasional travel to other EA locations as necessary to support security incidents and cross-team collaboration
- Some flexibility in working patterns to ensure strong collaboration with other global security colleagues and business stakeholders
- Ability to perform multiple critical assignments under pressure in a fast-paced, high volume, office work environment
Community / Marketing Title: Director, Incident Response
Electronic Arts Inc. is a leading global interactive entertainment software company. EA delivers games, content and online services for Internet-connected consoles, personal computers, mobile phones and tablets.
EEOText: EA is an equal opportunity employer. All employment decisions are made without regard to race, color, national origin, ancestry, sex, gender, gender identity or expression, sexual orientation, age, genetic information, religion, disability, medical condition, pregnancy, marital status, family status, veteran status, or any other characteristic protected by law. We will also consider for employment qualified applicants with criminal records in accordance with applicable law. EA also makes workplace accommodations for qualified individuals with disabilities as required by applicable law.
Date Opened: 2018-09-27 00:32:37.067
EEO Employer Verbiage:
EA is an equal opportunity employer. All employment decisions are made without regard to race, color, national origin, ancestry, sex, gender, gender identity or expression, sexual orientation, age, genetic information, religion, disability, medical condition, pregnancy, marital status, family status or veteran status. We will also consider for employment qualified applicants with criminal records in accordance with applicable law.
Location: Redwood City
Location_formattedLocationLong: Redwood City, California US