About CCC

CCC Information Services Inc. is the technology platform for the underwritten assets economy. CCC technology, insights, and support connect industries – insurers, automotive manufacturers, collision repairers, parts suppliers, lenders, fleet operators and more – to advance decision-making, productivity, and customer experiences for thousands of clients worldwide. Clients leverage CCC’s network management, data management, AI, operational workflows and customer experience solutions to efficiently scale, interact, transact and achieve their unique business objectives. CCC was ranked a best mid-sized company to work for by Forbes (2019). BuiltIn Chicago, Austin and LA named CCC a top place to work in 2020. Diverse perspectives and experiences are core to CCC’s success and award-winning culture of more than 2,000 employees worldwide. We hold inclusion as a core value and are committed to celebrating and cultivating the diversity of our team. With a 40+ year track record of innovation, CCC’s tenacious spirit and growth mindset turn next generation technology into real world solutions and empower team members to expand their knowledge and potential. Headquartered in Chicago, CCC has 11 locations worldwide. CCC’s principal PE investors are Advent International, Technology Crossover Ventures, and Oak Hill Capital Find out more about CCC Information Services by visiting cccis.com.

Job Description Summary

CCC Information Services is seeking a Cyber Security Operations Manager who will be responsible for leading the Cyber Security Operations team in close partnership with the Risk & Compliance team. This will include providing mentoring to junior analysts and engineers, being responsible for cyber security incident investigations, and maturing the current security operations program and toolsets. This will also include the development of metrics and reporting program status, incident information and other measurements as required. This individual will also leverage expertise to identify incident prioritization, provide forensics during investigations, and provide guidance for incident mitigation steps.

Job Duties

• Leads the cybersecurity operations and response team including threat analysis, defense operations and incident response.
• Provide guidance to tier 1/2/3 and other first responders for proper handling of cybersecurity incidents.
• Contribute to a team of cyber security staff in a leadership/coach/mentor capacity while working on threats, briefing event details to leadership, and coordinating remediation with key personnel.
• Lead analysis of potential impact of new threats/exploits and integrate protective measures into current controls and platforms.
• Capture and analyzes digital forensic evidence using forensic tools to identify the severity, exposure and threat of exploitation.
• Perform in-depth analysis in support of complex Incident Response operations and provide enhancement / recommendations.
• Perform post-incident root cause analysis and make recommendations for changes and process improvement.
• Develop and deliver reporting and documentation using various tools to present to different audiences.
• Build formal and informal relationships within CCC and among business partners and customers to improve the effectiveness of Security Operations.

Qualifications

• Experience managing diverse, energetic, and technical teams.
• Minimum ten years of experience in cybersecurity with minimum three to five years in a security operations and leadership management roles.
• Expertise managing, maintaining and operating Security Incident and Event Management (SIEM) solutions.
• Expertise in log management, SIEM alert and parser tuning and dashboard design.
• Experience in the design, implementation, configuration and maintenance of IT security technologies, processes, and products.
• Knowledge of security configuration and monitoring for Windows and Linux OS, AWS/Azure cloud /container environments, applications, and network devices.
• Experience with REGEX and scripting using Perl, WSH, PowerShell, etc.
• Experience with forensics and tools such as FTK, Wireshark, EnCase, Autopsy, Sleuth Kit, etc.
• Developing and presenting comprehensive reports and presentations for leadership including KPI metrics.
• Strong business acumen, communication skills, and process-oriented thinking.

Required Education, Licenses or Certifications:

• Bachelor’s degree in Cyber Security, IT or a related subject, or equivalent industry experience required.
• Certifications such as CISSP, CISA, or CISM preferred.
• SANS/GIAC or other vendor certifications in digital forensics and incident response/management preferred.