Position Department: Global information Security - CSIRT (Computer Security Incident Response)
Key responsibilities include:

" Manage the computer security incident response team efforts for the Global Information Security department
" Interface with other departments and upper management on security-related topics as required
" Manage administrative and security based project plan tasks for the Global Information Security department including assignments and reporting for time tracking and staff planning purposes

" Manage team of individuals with responsibility for computer security incident response, the provision of technical investigative support, e-discovery, expert testimony and the compliance with all pertinent laws, regulations, policies and standards.

· Provide subject matter expertise on the topics of computer forensics and e-discovery, within the Ally organization

· Develop, lead, coordinate and execute response plans designed to address various categories of computer security related incidents.

· Establish and maintain excellent working relationships with management, peers, vendors, suppliers, customers and business partners to ensure reliable communications and the coordination of efforts in computer security incident response situations.

· Oversee and manage the provision of forensically sound, legally admissible, accurate and impartial reviews of electronic data and digital evidence in support of investigations.

· Manage the provision of analysis of processes and events for deceptive practices which may tend to cause financial, reputational, or other harm to Ally and/or its subsidiary business units.

· Maintain a consistent awareness of threats, vulnerabilities and security incidents industry-wide to determine the risk to the Ally Enterprise.

· Oversee and manage the provision of the electronic discovery process and professionally certified, expert-level testimony.

" Ensure appropriate metrics and reporting framework exist; deliver computer security incident response program status to all appropriate stakeholders at the required frequency

" Ensure relevant, effective computer security incident response information security standards and procedures exist and are communicated to all affected parties to meet regulatory and industry requirements.

" Work closely with auditors, regulators and examiners to ensure the on-going compliance to regulations, policies and standards of the computer security incident response program

Position Qualifications
" Certification in Information Security (CISSP or CISM)
" 10+ years experience in field of Information Security, including such areas as Identity and Access Management, security program management, policies, process and procedures, and various supporting security technologies

" 5+ years management experience
" Thorough understanding of relevant global security best practices and requirements
" Thorough understanding of relevant banking and financial services legal and regulatory requirements related to information security and privacy

" Thorough understanding of information security best practice frameworks such as ISO-17799 and COBIT
" Familiarity with Information Security technologies, markets and vendors (firewalls, intrusion detection, assessment tools, encryption, certificate authority, Web and application development, computer forensic tools such as EnCase)

" Experience in conducting risk assessments and mapping processes and program elements to identified risks
" Experience managing incidents involving data breaches, data loss and e-discovery
" Experience managing projects and in the implementation of software solutions on an enterprise level.
" The ability to understand business issues and processes and to articulate security relevance within the context of the business

" Advanced written and verbal communication skills
" Excellent leadership and teaming skills
" Ability to travel as required
" Strong interpersonal skills
" Ability to evaluate, counsel, mentor and provide feedback on performance of others
Other Information:
" Bachelor of Science in Computer Science or related field
" Professional auditing experience or certification a plus (CISA)
" Other IT certifications a plus (GIAC, SSCP, CIPP, CIA, CISM, CISSP)
" Technical proficiency in multiple information technologies a plus