Description
Key Responsibilities :
- Manage and coordinate the organization’s incident response efforts, ensuring timely detection, analysis, and resolution of security incidents, while taking a leading role in actual incident responses.
- Develop and implement proactive threat hunting strategies to identify and mitigate potential security threats before they escalate.
- Supervise the daily activities of the cybersecurity analysts and engineers, ensuring efficient operations and optimal resource allocation.
- Create, maintain, and update incident response plans, security policies, playbooks, and runbooks to align with industry best practices.
- Evaluate security risks and vulnerabilities within the organization's infrastructure and develop strategies and processes for remediation and improvement.
- Stay current with emerging threats and trends in cybersecurity, providing actionable intelligence to inform security operations.
- Identify, assess, and respond to IoCs (Indicators of Compromise) to enhance threat detection and inform incident response efforts.
- Mentor and support the professional growth of cybersecurity analysts and engineers, fostering a collaborative and high-performance team environment.
- Work closely with IT and compliance teams to ensure alignment on security initiatives, policies, and regulatory requirements.
- Define, track, and report key performance indicators (KPIs) and other outcome-driven metrics related to incident response, threat detection, vulnerability management, and overall cybersecurity effectiveness.
- Evaluate, select, and deploy cybersecurity tools and technologies that support incident response, threat defence, and threat hunting efforts.
- Lead and coordinate regular incident response exercises and training for the cybersecurity team to ensure readiness for real-world incident scenarios.
- Collaborate with the Governance, Risk, and Compliance team during security audits and contribute to remediation efforts to address identified vulnerabilities and compliance gaps.
- Establish a continuous improvement framework for the cybersecurity operations team by regularly reviewing processes against threats and risks while identifying opportunities for enhancement.
Key Performance Measures :
- Average time taken to detect, analyze, and resolve security incidents, measured from the initial alert to final resolution.
- Percentage of identified threats successfully detected through proactive threat hunting initiatives, indicating the effectiveness of threat detection strategies.
- Percentage of alerts that are false positives compared to total alerts generated by security systems, assessing the accuracy of detection methodologies.
- Percentage of audit findings related to incident response and security posture that are resolved within defined timeframes.
- Number of documented updates to incident response plans, security policies, playbooks, and runbooks completed within the fiscal year to ensure they reflect current threats and best practices.
- Number and percentage of analysed IoCs that lead to actionable insights or incident response activities, demonstrating proactive threat management.
- Stakeholder communication effectiveness measured through regular feedback from executive management regarding clarity and effectiveness of communication on security risks and incident resolutions.
- Percentage of identified vulnerabilities that are remediated within defined timelines, indicating the effectiveness of the vulnerability management program.
- Number of vulnerability assessments conducted within a specified period (e.g., quarterly or annually), reflecting proactive identification of weaknesses within the organization’s infrastructure.
Primary Location : Indianapolis, IN
Allison Transmission is an equal opportunity employer. We have opportunities for all qualified applicants regardless of age, race, color, sex, religion, creed, national origin, disability, sexual orientation, gender identity / expression or veteran status.
If you are an individual with a disability or a disabled veteran requiring assistance and / or reasonable accommodations reviewing any of the careers information, please contact us at .
Please note that Allison Transmission will make an offer of employment only to individuals who have applied for a position using our official application.
Be on alert for possible fraudulent offers of employment. Allison Transmission will not solicit money or banking information from applicants.