AVP, Cyber Defense

The AVP of Cyber Defense will lead a team of cybersecurity professionals that provide 24/7/365 security monitoring and response capabilities for Cox Communications. This leader will direct the strategy and day-to-day operations of the detection engineering and computer security incident response teams and manage the relationships and ongoing performance of our managed security service partners spanning both enterprise and customer facing products. The AVP of Cyber Defense will be directly responsible for coordinating all Incident Response activities including cross functional relationships with Legal, Public Affairs, Business and Technology teams. This role reports directly to the Senior Vice President, CISO.

1. Responsible for the strategic direction and oversight of the following:
   1. Cox Security Operations Center that monitors and detects information security threats 24/7/365.
   2. Security Incident Response process execution, management, and maintenance.
   3. Implementation of new detective capabilities (based on active threat modeling) leveraging internal and industry intelligence solutions.
   4. Delivery of multiple, cross-functional table-top exercises to ensure Incident Response plan effectiveness and maturity.
   5. Vendor relationship management for all key cyber defense technologies and partners.
   6. Training program to ensure ongoing education of cyber defense resources.
   7. Customer Security authentication and controls based on latest attacker tools, tactics and procedures (TTPs).
2. Drives updates to the security strategy based on actual events occurred and through active and ongoing threat modeling exercises that identify the tools, tactics and procedures of attackers against key business assets and products.
3. Partners with product and operational teams to increase adoption and implementation of next-generation security preventive and detective controls for customer accounts.
4. Represent the information security organization in key industry groups including threat intelligence sharing and collaboration.
5. Partner with other functional groups to develop, manage, track, and analyze operational support structures, tools, methods, and procedures to improve process efficacy, inter-team communications, and customer experience.
6. Consult with senior leadership on security threats and incident response practices.
7. Identify, propose, and influence business solutions, negotiate deliverables and requirements across multiple business customers or organizations.
8. Anticipate industry direction and relate those changes to current and future needs and projects.
9. Analyze and manage capital and expense budgets.
10. Oversee and lead contract negotiations and vendor management.
11. Consult with business leaders to define key performance indicators and service levels, create process frameworks, and initiate and direct improvement activities.

1. Bachelor's degree in a related discipline (i.e. Computer Science, Cybersecurity, Information Technology etc.) and 14 years' experience in a related field with at least 7 years' experience in a leadership role.
   • The right candidate could also have a different combination, such as a master's degree and 12 years' experience; or 18 years' experience in a related field in lieu of degree.
2. Experience in leading and building Security Operations Centers responsible for active threat monitoring and detection.
3. At least 5 years managing or leading an Information Security Incident response function, including direct relationships with legal, public affairs, and communications teams.
4. Strong knowledge of SIEM technologies, Red Team / Blue Team exercises, Cyber Kill Chain, MITRE ATT&CK Framework, Detective Technologies (IPS, IDS, End Point Security, etc.), and threat intelligence resources.
5. Excellent interpersonal, leadership, presentation, and collaborative skills to work effectively with teams throughout the organization.
6. Ability to drive consensus and collaboration among many diverse teams, individuals, and functional groups to achieve desired business results.
7. Demonstrated track record of both project and operational delivery.
8. Relevant industry certifications: CISSP, CISM, CISA, etc.

Compensation includes a base salary of $207,900.00 - $346,500.00. The base salary may vary within the anticipated base pay range based on factors such as the ultimate location of the position and the selected candidate's knowledge, skills, and abilities. Position may be eligible for additional compensation that may include an incentive program.

The Company offers eligible employees the flexibility to take as much vacation with pay as they deem consistent with their duties, the company's needs, and its obligations; seven paid holidays throughout the calendar year; and up to 160 hours of paid wellness annually for their own wellness or that of family members. Employees are also eligible for additional paid time off in the form of bereavement leave, time off to vote, jury duty leave, volunteer time off, military leave, parental leave, and COVID-19 vaccination leave.

Cox Communications is the largest private telecom company in America, serving six million homes and businesses. That's a lot, but we also proudly serve our employees. Our benefits and our award-winning culture are just two of the things that make Cox a coveted place to work. If you're interested in bringing people closer through broadband, smart home tech and more, join Cox Communications today!

Cox empowers employees to build a better future and has been doing so for over 120 years. With exciting investments and innovations across transportation, communications, cleantech and healthcare, our family of businesses - which includes Cox Automotive and Cox Communications - is forging a better future for us all. Ready to make your mark? Join us today!

Cox is an Equal Employment Opportunity employer - All qualified applicants/employees will receive consideration for employment without regard to that individual's age, race, color, religion or creed, national origin or ancestry, sex (including pregnancy), sexual orientation, gender, gender identity, physical or mental disability, veteran status, genetic information, ethnicity, citizenship, or any other characteristic protected by law.

Statement to ALL Third-Party Agencies and Similar Organizations: Cox accepts resumes only from agencies with which we formally engage their services. Please do not forward resumes to our applicant tracking system, Cox employees, Cox hiring manager, or send to any Cox facility. Cox is not responsible for any fees or charges associated with unsolicited resumes.