IT Security Lead - Threat Management
Publication date: 11 March 2025
Workload: 100%
Location: Zurich
In short
In the dynamic landscape of On, the tech thrives much like a spirited runner: always moving, always improving. We are building technology that continues to supercharge the growth of On, helping to ignite the human spirit through movement.

As an integral part of the Information Security team at On, you'll find yourself at the heart of a fast-paced, diverse environment. Our ecosystem thrives on collaboration, a confluence of curious minds challenging and learning from one another, always seeking the uncharted. Here, we venture into new territories of technology and security, continuously refining our approach and embracing challenges head-on. Your role will be pivotal in building synergies, reducing complexities, and prioritising essential work areas that further On's mission.

As a strategic leader in Threat Management, you will drive the development and implementation of security orchestration, automation, and response (SOAR), SIEM management, log source design and health management, as well as detection and response automation. You will oversee integration management to ensure seamless security operations, embedding Zero Trust principles across all systems and processes to safeguard critical infrastructure, applications, and data while enabling a resilient, forward-thinking security posture.
Your Mission
Lead Advanced Threat Analysis and Strategy
Oversee the identification, assessment and mitigation of cyber threats, leveraging innovative defence strategies and threat intelligence to strengthen organisational security.

SOAR Orchestration & Automation
Design and implement security automation workflows to enhance threat response efficiency.
Continuously optimise playbooks to improve detection, triage, and incident resolution.
Integrate SOAR with security tools and business processes for seamless response coordination.

SIEM Management
Oversee SIEM platform architecture, ensuring optimal event correlation and threat detection.
Develop and fine-tune rules, alerts, and dashboards for real-time security monitoring.
Conduct regular assessments and tuning of the SIEM to minimise false positives and improve accuracy.

Log Source Design & Health Management
Define and implement log collection strategies to ensure comprehensive visibility.
Monitor log source health, addressing data gaps and inconsistencies in ingestion pipelines.
Enforce log retention policies and ensure compliance with regulatory and organisational requirements.

Detection & Response Automation
Enhance threat detection capabilities through machine learning models and behavioural analytics.
Automate threat intelligence enrichment and response workflows to reduce dwell time.
Collaborate with incident response teams to develop and refine automated remediation processes.

Integration Management
Ensure seamless integration of security tools and technologies to enhance threat visibility and response.
Align security integrations with business objectives and compliance requirements.
Monitor and optimise API-driven security integrations to ensure efficiency and reliability.

Collaboration and Support
Support the IT Security Operations team by providing expertise and input on incident response processes (containment, mitigation and recovery), enhancing detection capabilities and optimising response strategies.
Training and Mentoring: Providing training and mentoring to team members, fostering a culture of learning and knowledge sharing within the organisation.
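The log-source health responsibility listed above (spotting data gaps and inconsistencies in ingestion pipelines) is the one item here that reduces to a concrete, testable check: a source that silently stops forwarding is a detection blind spot that no SIEM rule will ever fire on. The following Python script is an added illustration, not code from On or from this posting. It takes per-source event counts per 15-minute window, as a SIEM's ingestion metrics might expose them, and flags sources that have gone silent, whose volume has collapsed relative to their own recent baseline, or that are onboarded but have never reported. The source names, window size, thresholds and sample counts are all constructed assumptions.

```python
"""Log-source health check (illustrative, constructed data)."""
from collections import defaultdict
from datetime import datetime, timedelta, timezone
from statistics import median

WINDOW = timedelta(minutes=15)

# Constructed sample ingestion metrics (assumed shape): one row per source per
# 15-minute window giving how many events the SIEM ingested from that source.
SAMPLE_COUNTS = [
    # edge firewall: steady volume -> ok
    ("fw-edge-01", "2025-03-11T08:00:00Z", 1200),
    ("fw-edge-01", "2025-03-11T08:15:00Z", 1180),
    ("fw-edge-01", "2025-03-11T08:30:00Z", 1250),
    ("fw-edge-01", "2025-03-11T08:45:00Z", 1210),
    # domain controller: stopped forwarding after the 08:15 window -> silent
    ("dc-01", "2025-03-11T08:00:00Z", 300),
    ("dc-01", "2025-03-11T08:15:00Z", 290),
    # EDR forwarder: still alive, but volume collapsed -> degraded
    ("edr-fwd", "2025-03-11T08:00:00Z", 5000),
    ("edr-fwd", "2025-03-11T08:15:00Z", 4800),
    ("edr-fwd", "2025-03-11T08:30:00Z", 5100),
    ("edr-fwd", "2025-03-11T08:45:00Z", 900),
]

# Fixed "now" so the sample is reproducible (assumption).
NOW = datetime(2025, 3, 11, 9, 0, tzinfo=timezone.utc)


def parse_ts(s):
    """Parse the ISO-8601 UTC timestamps used in the sample rows."""
    return datetime.strptime(s, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)


def assess_sources(counts, now, expected=(), window=WINDOW,
                   silent_after=timedelta(minutes=30), drop_ratio=0.5,
                   min_baseline=2):
    """Classify each log source as ok / degraded / silent / missing.

    counts:   iterable of (source, window_start_iso, event_count)
    expected: onboarded sources that must report even if no row exists

    'silent'   - newest window closed more than `silent_after` ago
    'degraded' - newest count below `drop_ratio` x median of earlier windows
    'missing'  - in `expected` but never seen in `counts`
    Silence is checked before volume, so a dead source is never reported as
    merely 'degraded'; a source with too little history is not volume-checked.
    """
    by_source = defaultdict(dict)
    for src, ts, n in counts:
        by_source[src][parse_ts(ts)] = n

    verdict = {}
    for src in sorted(set(by_source) | set(expected)):
        series = by_source.get(src)
        if not series:
            verdict[src] = ("missing", "onboarded but no events received")
            continue
        newest = max(series)
        gap = now - (newest + window)  # time since the last window closed
        if gap >= silent_after:
            verdict[src] = ("silent", f"no events for {gap}")
            continue
        history = [n for t, n in series.items() if t != newest]
        if len(history) < min_baseline:
            verdict[src] = ("ok", "insufficient baseline, volume not checked")
            continue
        base = median(history)
        latest = series[newest]
        detail = f"{latest} events vs median {base:g}"
        status = "degraded" if latest < drop_ratio * base else "ok"
        verdict[src] = (status, detail)
    return verdict


if __name__ == "__main__":
    # "vpn-gw" is onboarded on paper but has never sent a byte (assumption).
    for src, (status, why) in assess_sources(SAMPLE_COUNTS, NOW,
                                             expected=["vpn-gw"]).items():
        print(f"{src:10} {status:9} {why}")
```

Two design points carry over to a real pipeline: baseline each source against its own history rather than a global threshold, because a firewall and a domain controller have nothing in common volume-wise, and keep an explicit inventory of expected sources, because the worst gap is the one from a system that was never wired up at all.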