Manager, Information Security (Security Operations) - Hybrid

XPO is a top ten global provider of transportation services, with a highly integrated network of people, technology and physical assets. At XPO Logistics, we look for employees who like a challenge and can communicate effectively in all situations. We want to leverage your skills and years of experience to drive positive results while ensuring a bright future for yourself and XPO. If you're looking for a growth opportunity, join us at XPO.

As the Manager, Information Security (Security Operations) you will provide strong leadership, combined with strong technical expertise to help drive cybersecurity best practices and strategy. You will play a critical role in defining, developing, and implementing security policies, and be the POC for security incidents within XPO. You will lead a team, and work with stakeholders and vendors to effectively detect, analyze, and respond to security incidents at XPO. If you're ready for the challenge of working with a rapidly-growing global company, we have an opportunity for you to build a career with XPO.

What you'll do on a typical day:

• Manage a team to help drive the success of our cyberSecurity Operations
• Develop and implement security policies and establish SOC performance goals and priorities
• Enhance threat detection capabilities, improve incident response times, and reduce false positives and other extraneous alerts
• Lead incident response efforts, manage SOC tools and resources, and serve as the POC for security incidents
• Report to your leadership team and the CISO on Security Operations within XPO and highlight key findings and recommendations about the operations to help drive informed decision about security investments and strategies that align with our goals

At a minimum, you'll need:

• Bachelor's degree or equivalent related work or military experience
• 5 years of experience in cyber Security Operations, vulnerability management, security engineering, risk management and/or security architecture experience
• Ability to manage a team and drive the necessary skills and knowledge to effectively detect, analyze and respond to security incidents
• Ability to develop and implement security policies by reviewing industry standards and working closely with other departments to understand their security needs. Security policies might originate with cyber frameworks or might follow common cyber hygiene practices.
• Focus and ability to Improve incident response times, reduce false positives and other extraneous alerts, and enhance threat detection capabilities

• Experience in designing and leading fusion centers and/or DevSecOps; background in Security Operations Center and Security engineering leadership
• Understanding of how to integrate cybersecurity incident response with enterprise resilience functions; experience with cyber exercises
• Working knowledge of security, risk, and control frameworks and standards, Center for Internet Security Controls, OWASP, and security related regulations
• Adept at building highest performing teams with a keen emphasis on diversity and inclusion, maintaining performance standards, motivating associates and developing their careers

• 3+ years as a manager over s technical team with Hands-on experience in Incident Response (IR) and 24/7 Security Operations
• Technical knowledge of security technologies including IDS/IPS, EDR, Vulnerability Scanners, SIEM, SOAR
• Additional experience in IT network infrastructure, Windows/UNIX platforms, Application Security, Cloud, and Operational Technology (OT)
• Significant experience in cybersecurity operational roles (Incident Response, Threat Intel, Vulnerability Management, Countermeasures, and Internal Threat)
• Broad knowledge of perimeter Security Operations technology to include web application firewalls, Network IDS/IPS, Cloud, and Email Security
• Experience leading a distributed team that provides 24/7 operational support and excellent service delivery
• Demonstrated leadership and people management skills

We are proud to be an Equal Opportunity/Affirmative Action employer. Qualified applicants will receive consideration for employment without regard to race, sex, disability, veteran or other protected status.

All applicants who receive a conditional offer of employment may be required to take and pass a pre-employment drug test.

The above statements are not an exhaustive list of all required responsibilities, duties and skills for this job classification.

Review XPO's candidate privacy statement here.