Senior Threat Manager

Primary Roles and  Responsibilities

The Senior Threat Manager reports directly to the Principal Threat Manager who is responsible the leadership and management of the Junior Threat Managers.  They will deputise for the Principal Threat Manager as required. They are specifically responsible for:

• Provide information to Business and Technology owners using tool sets at their disposal.

• Undertake data analysis to quantify “actionable” information and to highlight vulnerabilities and risks to Pearson.

• Undertake asset management to establish which GTM business units own the assets that have been found to be vulnerable and then ensuring that the business unit and application owners are informed.

• Provide best effort KPIs, based on a subjective definition by GTM, for GTM Buisness Units..

• Identify IP addresses and equipment locations using current GTM tools.

• Everyone agreed that there is a desperate need to know who is responsible for each identified machine or IP within the Pearson estate.

• There is a consensus that a “full” and “complete” asset database (CMDB) is required and the integration into VMDB.

• Currently there are no SLAs in place for fixing the findings from the GTM team and there is no real reporting mechanism in place for the completion of the remediation actions.

• Maintain working relationships with Pearson business units to track, manage and mitigate vulnerabilities and threats.

• Key areas highlighted are change and patch management and the team is worried that the policy needs to be signed off at a higher level and mandated through the business.

• It was discussed that the programme will be helping to build the global standards within Pearson giving GTM the ability to have a clear focus and procedure that can be applied and adhered to by all business units.

• Integrate more security devices into the CMDB to allow greater clarity and help identify risks.

Qualifications

• Risk Assessments

• Deliver regional security and vulnerability assessments and remediation services.

• Identify, advise, report and remediate all Common Vulnerability Scoring System scores between 7-10.

• Ensure the GTM team provides information security capabilities to support Pearson Security Operations.  This will include direct investigations incident handling support to the Security Operations Centre.

• Ensure that all GTM services are well integrated with the Pearson security monitoring and incident management mechanisms.

• Represent GTM at Security Operations regular and ad-hoc security meetings.

• Maintain knowledge of security technologies: Firewall, IDS/IPS/HIDS, Anti Virus, SIEM, Vulnerability Scanning, Threat Intelligence sources & services.

• Coordinate or participate in GTM team projects and events.

• Adhere to all Pearson corporate business and employment policies and processes.

• Drive a culture of continuous service improvement and service excellence.

• Keep abreast of changing industry trends and emerging threats to Pearson business and assets.

• Attend and participate in GTM regular team meetings.