Calix provides the cloud, software platforms, systems and services required for communications service providers to simplify their businesses, excite their subscribers and grow their value.

We are seeking an experienced information security professional to run our new Cyber Risk Operations Center (CROC) focused on risk-based management of vulnerabilities, insider risk mitigation, and communicating risk to leadership.

This is a technical hands-on risk management role that will spearhead efforts in holistically managing risk across Calix’s entire attack surface, beginning with managing insider risks, and implementing a risk-based vulnerability management program.

This role would be suitable for a candidate with similar experience:

leading a vulnerability management program including assessing and prioritizing vulnerabilities, investigating security alerts at a higher tier, threat hunting and documenting across large data sets, intermediate technical experience with DLP and similar tools to detect and prevent data loss scenarios, hands-on insider risk analyst, experience developing automation opportunities thru scripting or SOAR (Security Orchestration, Automation and Response) and interacting with APIs.

Responsibilities and Duties:

• Develop and manage a comprehensive Cyber Risk Operations Center (CROC) to proactively manage risk-based prioritization and mitigation across Calix’s attack surface.
• Help define and mature the insider risk program, including the development of strategies and automation opportunities to deter, detect, and respond to insider risks.
• Implement a risk-based vulnerability management program that reflects a strong understanding of the Vulnerability Management Lifecycle.
• Conduct investigations and analysis to identify and resolve insider risk alerts and potential data loss, including reviewing logs and network activity, analyzing user behavior, and forensic investigations.
• Work closely with Legal, Privacy, and HR teams to provide support for e-discovery requests, including data collection, preservation, processing, and review, while ensuring confidentiality and discreet resolution of investigations.
• Hands-on configuring, tuning, and operating of insider risk and vulnerability management applications.
• Interface and coordinate with third-party DFIR partners.
• Orchestrate technical tabletop exercises to help identify risks to our incident response and detection capabilities.
• Develop and maintain documentation for CROC, insider threat, and vulnerability management processes and procedures.
• Prepare and present formal and informal analysis and briefings to relevant stakeholders and executives.
• Assist in developing business cases and project plans to implement new capabilities or mature existing toolsets for continual maturity of CROC.

Qualifications:

• 10+ years of experience in information security, preferably with 2-3 years in either an Insider Risk, Vulnerability Management, or risk management role.
• Hands-on technical experience with insider risk tools and familiarity with security related technologies such as SIEM (Security Information and Event Management), EDR (Endpoint Detection and Response) (Endpoint Detection and Response), UEBA (User & Entity Behavior Analytics), DLP (Data Loss Prevention).
• Hands-on incident response experience responding to security alerts and incidents.
• Familiarity with insider risk and data loss investigations.
• Strong knowledge of methodologies and technologies in modern risk-prioritized vulnerability management programs.
• Ability to communicate risk effectively while conveying highly technical concepts to both technical and non-technical stakeholders.
• Familiarity with security reporting, dashboarding, and metrics.

Education, Certifications and Professional Licenses:

• Required: Bachelor's degree in information systems, Computer Science or similar
• Relevant certifications such as CISSP (Certified Information Systems Security Professional), CISM, CRISC, or Insider Threat Program Manager (ITPM) are highly desirable.
• Familiarity with unified vulnerability tools
• Experience in an Insider Risk, Vulnerability Management, Incident Response, or similar role
• Familiarity with FAIR methodology

#Remote-LI

Compensation will vary based on geographical location (see below) within the United States. Individual pay is determined by the candidate's location of residence and multiple factors, including job-related skills, experience, and education.

For more information on our benefits click here.

There are different ranges applied to specific locations. The average base pay range (or OTE range for sales) in the U.S. for the position is listed below.

San Francisco Bay Area Only:

145,000.00 - 241,600.00 USD Annual

National Major Cities plus, CA, CO, NY Metro area:

126,100.00 - 210,100.00 USD Annual

Regional plus NY:

113,500.00 - 189,100.00 USD Annual