2K

Novato, California - United States

Security Operations Lead - 2K Security

Description

Who We Are: 
2K is filled with some of the brightest minds in the game business, and has delivered NBA2K, WWE2K, Civilization, Borderlands, and Evolve, among others. When some of the best studios in the world seek to protect their investments and create a safe and fair gaming experience for their gamers, only the best in the field can get the job done.

The security team at 2K is a forward-thinking group of experts who handle the challenge of protecting multiple products (games) on multiple platforms (e.g. Windows, Mac, Android, iOS) and taking care of our gamers across the world.

We fill our team with those who not only know significantly more about security, privacy, online safety, cheating and fraud in the world of gaming than others but also understand the intersection of these concepts with product development, business operations and industry drivers at large.  

What We Need:
The 2K Security team is looking for a security operations leader who can own the design of a security operations center, bring it to life first with the existing security and monitoring technologies already in place, and then innovate at the pace of our business to turn it into a world-class security operations center.

You will need expertise with state-of-the-art enterprise security tools such as Splunk, Palo Alto, Imperva, Nessus, etc., along with the knowledge and experience to build a robust security operations process for a geographically distributed and diverse enterprise infrastructure (corporate IT and games).

You will:

  • Own and create a security operations center blueprint and design
  • Build the security operations center

      - Own the execution strategy, starting with managing alerts and creating a triage process that can be leveraged in a consistent manner across a range of alerts and incidents
      - Define a long-term plan for integrating into corporate Splunk deployment

  • Run the security operations center

      - Deliver assessments and briefings to leadership, facilitating understanding of corrective actions and their associated impact / urgency
      - Direct operational support including triage, incident management activities, root cause analysis, escalations, notifications, and communication related to Security incidents
      - Initiate escalation procedure to counteract potential threats / vulnerabilities
      - Monitor and analyze security events generated from existing monitoring tools
      - Own and manage tickets from start to resolution
      - Independently follow procedures to contain, analyze, and eradicate malicious activity
      - Drive oversight for the after action assessments of security control failures analysis

  • Optimize the security operations center

      - Research and identify key indicators of malicious activities on the network and end user workstations
      - Ensure all operational processes are documented, exercised, and continually improved
      - Document additional troubleshooting steps, turn-up processes, security analysis methods, and technical details for daily operational solutions
      - Review industry and vendor security alerts for vulnerabilities and security issues
      - Work with Infrastructure team to create mitigation solutions based on vendor advisories
      - Liaise with Domestic and International colleagues to collaborate on emerging technology and the implementation of security tools
      - Ensure alignment of activities to the security strategy, and embrace role as the security tools SME and interface with other technical teams related to emerging products and strategies

Who We Think Will Be A Great Fit:

  • Minimum 10 years in technology organizations 
  • 5-7 years of experience working within a Security Operations Center or equivalent experience performing computer security incident detection & response activities 
  • Working knowledge of infrastructure security tools such as firewalls, network security monitoring (NSM), anti-malware, content management, OS hardening, etc.
  • Experience with Security Information and Event Management tools like Splunk
  • Must have thorough knowledge of web application, infrastructure, and internet security along with a general understanding of common operating systems, networking protocols, database, and application development
  • Programming/scripting skills in at least one of the following: Python, Perl, PowerShell
  • Previous experience troubleshooting day-to-day operational processes such as report generation, data verification, data correlation, etc. 
  • Understanding of TCP/IP and common protocols (HTTPS, SSH, FTP, etc.)
  • Familiarity with OS X, Linux, and Windows systems 
  • Knowledge of both technical and operational network security fundamentals 
  • Must have thorough knowledge of information security components, principles, practices, and procedures
  • Knowledge of common application/system vulnerabilities, threat actors and mitigations 
  • Excellent oral/written communication, problem solving and analytical skills
  • Ability to work independently and as part of a team to achieve desired objectives and project results
  • Ability to interface effectively and decisively with all levels of management, departments and outside vendors
  • GCIA, GCIH or CISSP certifications preferred


This Job is no longer active!