Program Manager, Cybersecurity Operations

Posted 10 Days Ago
Be an Early Applicant
2 Locations
Remote
116K-155K Annually
Senior level
Retail
The Role
The Program Manager of Cybersecurity Operations will lead the maturation of the Security Operations Center (SOC), oversee incident response strategies, enhance threat detection, coach third-party staff, and communicate effectively with executives regarding cybersecurity status. Responsibilities include developing SOC playbooks, leading incident response exercises, and analyzing security incidents to improve operations.
Summary Generated by Built In

Company Overview

Sleep Number is a sleep wellness technology leader. For nearly four decades, we have placed sleep at the center of wellbeing, improving over 15 million lives with our Sleep Number smart beds. We are guided by our purpose – to improve the health and wellbeing of society through higher quality sleep. This is exemplified through our 4,000+ mission-driven team members who passionately innovate to drive value creation through our vertically integrated business model, owning the process from start to finish, including selling in our over 650 stores nationwide.

Our team members are encouraged to bring their whole selves to work, sharing their unique perspectives, backgrounds and skills with Sleep Number every day. Whether you are entering, returning or experienced in the workforce, we have a place for you. We hope you join us in creating the future through higher quality sleep.

Position Purpose 

 

This individual contributor position plays a key role in shaping and maturing Sleep Number’s cybersecurity operations (SOC), cyber investigations, and incident response strategy by leading the Security Operations, Cyber Investigations and Incident Response capability within Sleep Number’s Information Security organization, including closely overseeing third party-managed services. This role possesses an elevated level of communication and relationship-building acumen (all audiences, including executives and non-technical stakeholders), a strong technical background, and deep field-relevant experience. 

 

Primary Responsibilities 

 

  • Develop and implement strategies to enhance the SOC's effectiveness, threat detection, and incident response capabilities with other technology teams. 

  • Provide coaching and feedback to third party security operations staff (responsible for level 1-2) and account manager(s). Ensure KPIs are maintained. Escalate non-compliance to contractual agreement(s). 

  • Lead development and maintenance of quality SOC playbooks (direct third-party team and contribute as needed). 

  • In the event of a cyber incident, will execute CSIRT (Cyber Security Incident Response Team) playbooks as Cyber Incident Commander which includes adhering directly to CSIRT playbooks and navigating the event(s) with confidence which includes VP+ level executives and mobilizing cross-functional teams. 

  • Lead cybersecurity investigations and incident handling activities and coordinate with other in-house experts based on the nature of the event, notable or incident. 

  • Develop and conduct incident response tabletop exercises and simulations at least twice annually (may or may not include engaging a third party to conduct the exercise) 

  • Analyze security incidents to identify root causes and recommend and/or implement corrective actions. 

  • Develop and implement threat detection and monitoring strategies in partnership with platform owners who may reside on other teams across the company. 

  • Communicate effectively and confidently with executive leadership (VP and above) on the status of cybersecurity operations and incidents.  

  • Partner closely with security engineers and other technology teams to advise and help implement improvements to detections, monitoring platforms and workflow platforms. 

  • Provide regular updates and reports to senior management and relevant stakeholders. 

  • Drive prioritization and ownership of improvements needed in alignment with overall cybersecurity and technology strategies, make thoughtful recommendations to leadership and when required, make well-crafted pitches for resources, technologies. 

 

Key Performance Indicators 

 

  • Hold security operations partner(s) held accountable to KPIs outlined as part of contractual obligations and escalation procedures initiated where KPIs are not met. 

  • Lead and execute cybersecurity events, notables, investigations and validations in accordance with internal service level agreements (“SLAs”). 

  • Achieve improvements to comprehensive security tooling and communications, including advancing automations across technology teams to reduce manual steps and expedite investigations. 

  • Successful execution of published CSIRT playbook(s) should an incident situation arise. 

  • Conduct at least two internal incident response tabletops per year among internal technology teams and one every 2-3 years with C-level executives. 

 

 

Position Requirements 

 

  • 7+ years of relevant professional experience. 

  • 5+ years of demonstrated experience in cybersecurity incident handling, incident response and security operations, which includes at least 2 years of oversight of a third-party managed service provider.  

  • BA/BS Degree in Cybersecurity, Computer Science, or related discipline, or equivalent practical experience. 

  • CISSP Certification (exceeding years of confirmed experience can circumvent this requirement)Non-CISSP-certified candidates would be encouraged to pursue CISSP certification as part of developmental expectations within one year of start date. 

  • Proven experience in managing an outside managed service provider (e.g., MDR, SOC as service) to ensure KPIs and service levels are maintained. 

 

Knowledge, Skills & Abilities 

  • Exceptional written and verbal communication skills to present technical topics to technical and non-technical audiences. 

  • High level of comfort leading a CSIRT team which includes VP+ level executives and developing audience-targeted read outs and reports relating to incidents. 

  • Proven experience in incident handling/incident response techniques within a cloud-based environment such as AWS/Azure/GCP 

  • Interacts confidently with executive leaders in technology, legal, internal audit and our cybersecurity insurance provider(s), external counsel or external assessors/auditors and coordinates with internal and external stakeholders during security incidents which includes non-technical and/or executive stakeholders. 

  • Experience with thorough, quality documentation around incident response analysis activities 

  • Expertise in Cyber Security attacks, tools & techniques, and experience with Advanced Threat management  

  • Ability to tune correlation rules and outcomes via security information and event management (SIEM) and security orchestration, automation, and response (SOAR) platforms 

  • Has a sound understanding of SIEM, DLP, CASB, EDR, NDR, operating systems, MITRE ATT&CK framework and other threat detection platforms 

  • Excellent analytical, problem-solving, and interpersonal skills. Maintains composure during high stakes/high stress situations. 

  • Knowledge of digital forensics tools and techniques (e.g., EnCase, FTK). Experience in conducting forensic analysis of compromised systems, including understanding of evidence handling and chain of custody procedures. 

  • Proven experience and knowledge in the MITRE ATT&CK framework and VERIS Framework 

  • Experience with Splunk and Splunk Enterprise Security (ES) are a plus. 

  • Any of the following certifications are a plus:  C|EH, CISA, CISM, CSSLP, GIAC, CompTIA Security+, CCSP, GIAC, AWS/Azure Certifications. 

 

Working Conditions

 

This is a hybrid position that requires at least 3 days a week in our Minneapolis office for candidates within 45 miles of our downtown Minneapolis office. No relocation assistance will be offered. 

  • Travel possible – up to 10% 

Salary Pay Range: $116,300.00 -$155,100.00

Wellbeing

Wellbeing is more than a catchphrase - it's a movement that permeates our company and through our team members. We are dedicated to enhancing and supporting the wellbeing of our team members and their families through benefits, programs, and resources across our five wellbeing pillars of emotional, financial, career, community, and physical health, with sleep at the center.

By joining our team, in addition to offering competitive pay programs, we are proud to offer eligible team members an extensive benefits package including, but not limited to medical and pharmacy benefits, dental, life and disability insurance, a matched 401(k) Plan, paid time off, and much more.

Safety

Safety is a top priority for Sleep Number supporting customers and team members wellbeing. We are committed to maintaining a safe and healthy work environment for all team members that are consistent with CDC guidelines, U.S. Department of Labor’s Occupational Safety and Health Administration (OSHA), and state/local laws.

EEO Statement

Sleep Number is an equal opportunity employer. We are committed to recruiting, hiring and promoting qualified people and prohibit discrimination based on race, color, marital status, religion, sex (including gender, gender identity, gender expression, transgender status, pregnancy, childbirth, and medical conditions related to pregnancy or childbirth), sexual orientation, age, national origin or ancestry, citizenship status, physical or mental disability, genetic information (including testing and characteristics), veteran status, uniformed servicemember status or any other status protected by federal, state, or local law.

Americans with Disabilities Act (ADA)

It is Sleep Number’s policy to provide reasonable accommodations to qualified individuals with disabilities during the application process, consistent with applicable law. We may require supporting medical or religious documentation where applicable and permissible by law. If you are a qualified individual, you may request a reasonable accommodation at any time during the selection process, including if you are unable or otherwise limited in your ability to access open roles here.

Top Skills

Cybersecurity
Incident Response
Security Operations
The Company
HQ: Minneapolis, MN
3,144 Employees
On-site Workplace
Year Founded: 1987

What We Do

As a purpose-driven company, Sleep Number’s mission is to improve lives by individualizing sleep experiences. Our revolutionary Sleep Number 360® smart beds deliver proven, quality sleep through effortless, adjustable comfort. Our integrated SleepIQ® operating system captures over 9 billion hours of biometric data points every night and delivers actionable insights to improve our customers' overall sleep health and wellness.

What does that mean for you? Well, at Sleep Number, you’ll be improving lives every day by helping people sleep better every night.

Learn more about the company that's championing a health and wellness revolution with quality sleep at its core:

• Transforming the sleep industry since 1987
• 13M+ lives improved by the Sleep Number bed
• Annual revenue in 2020 totaled $1.86B
• 600+ company-owned retail stores in 50 states
• 6 Distribution locations located in: Salt Lake City UT, Irmo SC, Los Angeles CA, Dallas TX, Tampa FL and Baltimore MD
• 4,800 team members nationwide
• Headquartered in Minneapolis Minnesota with Sleep Number Labs in San Jose CA and our Customer Service Relationship Center in New Orleans LA

Similar Jobs

GitLab Logo GitLab

Support Engineer (AMER)

Cloud • Security • Software • Cybersecurity • Automation
Easy Apply
Remote
3 Locations
2350 Employees
73K-156K Annually

MetLife Logo MetLife

Senior Implementation Consultant II

Fintech • Information Technology • Insurance • Financial Services • Big Data Analytics
Remote
United States
43000 Employees

CrowdStrike Logo CrowdStrike

Director, Product Management, Security Automation - NG SIEM (Remote)

Cloud • Computer Vision • Information Technology • Sales • Security • Cybersecurity
Remote
USA
10000 Employees

GitLab Logo GitLab

Senior Security Technical Architect

Cloud • Security • Software • Cybersecurity • Automation
Easy Apply
Remote
3 Locations
2350 Employees
175K-310K Annually

Similar Companies Hiring

McCain Foods Thumbnail
Retail • Manufacturing • Food • Agriculture
Florenceville-Bristol, NB
20000 Employees
Optimum Thumbnail
Software • Retail • Mobile • Marketing Tech • Internet of Things • Digital Media • AdTech
Long Island City, NY
9000 Employees
Grocery TV Thumbnail
Software • Retail • Marketing Tech • Hardware • Digital Media • AdTech
Austin, TX
45 Employees

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account