Senior Director Lead – Cyber Defense & Response

Senior Director Lead – Cyber Defense & Response .

General information

Career area

Technology

Work Location(s)

500 Woodward Avenue, MI, 601 S. Tryon Street, NC

Remote?

Ref #

19577

Posted Date

04-09-25

Working time

Full time

Ally and Your Career

Ally Financial only succeeds when its people do - and that’s more than some cliché people put on job postings. We live this stuff! We see our people as, well, people - with interests, families, friends, dreams, and causes that are all important to them. Our focus is on the health and safety of our teammates as well as work-life balance and diversity and inclusion. From generous benefits to a variety of employee resource groups, we strive to build paths that encourage employees to stretch themselves professionally. We want to help you grow, develop, and learn new things. You’re constantly evolving, so shouldn’t your opportunities be, too?

Work Schedule: Ally designates roles as (1) fully on-site, (2) hybrid, or (3) fully remote. Hybrid roles are generally expected to be in the office a certain number of days per week as indicated by your manager. Your hiring manager will discuss this role's specific work requirements with you during the hiring process. All work requirements are subject to change at any time based on leader discretion and/or business need.

The Opportunity

At Ally, you get a startup feel, but experience the benefits of a company that has worked out the kinks and is fulfilling its purpose. We are always evolving and see that as a good thing. From owning our work to seeing its impact in the real world, our team is relentless in finding new ways technology can help make experiences better and help people. We are problem solvers, we value diverse thinking, we support one another, and we challenge ourselves to think bigger in the journey to deliver customer-obsessed tech solutions. To read more about what our tech team does, be sure to visit our tech blog at ally.tech

The Senior Director Lead, Cyber Defense & Response at Ally is part of the Executive Leadership for Information Protection and Risk Management. The Senior Director Lead will drive the established approach to the management of security risks at Ally while partnering with other members of the Senior Leadership team. Responsible for overseeing the management of technical security staff and ensuring IPRM People Managers are delivering upon overall objectives.

In this role you will provide industry-leading Security Operations Center, Incident Response, Cyber Threat Intelligence, Threat Emulation and Offensive Security services. You will help Ally continuously detect and respond to threats and help reduce the overall impact of business risk before, during, and after an incident. You will be able to resolve security incidents quickly and at scale with complete end-to-end incident response including monitoring, detection, investigation, containment, remediation, and partnering with our lines of business partners, support teams and crisis management function. You will work on engagements navigating incidents, performing forensic analysis, threat hunting, and malware triage. Experience with threat intelligence, machine intelligence, and security objectives and controls validation will be instrumental in helping defend against today's advanced threats.

At this time, Ally will not sponsor a new applicant for employment authorization for this position.

The Work Itself

Drive the established approach to the management of security risks at Ally while partnering with other members of the Senior Leadership team.
Lead a 24x7 team of Managers, Principal and Analysts in response, incident management, cyber threat intelligence, red team, and detection engineering roles.
Focus on delivering commitments aligned to enterprise cyber security priorities.
Build support for implementing security strategies with peer business and technology leaders.
Set vision for maturing the cyber security defense and response organization, guide development of actionable roadmaps and plans, and ensure execution of those plans.
Implement risk management practices in line with enterprise policies and practices.
Set technology platform vision, encourage security response innovation, and lead implementation of projects.
Interface with external agencies or industry forums to exchange cyber threat intelligence information.
Manage allocation of people and financial resources.
Develop strategies for hiring and retaining top cyber security response talent.
Guide a culture of talent development as a force-multiplier.
Effectively build, mature and lead cross-functional teams that support major security initiatives.
Develop and implement Roadmaps to define short and long-term strategies as well as activity, funding and resource requirements.
Identify, select and manage related security technologies and vendors to ensure that service delivery and support meet performance and business objectives.
Continuously evaluate and assess current and future security needs of the organization and make recommendations and business case requests to substantiate changes.
Develop and maintain project scopes, timelines and budgets, through internal team and business partners.
Understand and adhere to the regulatory and compliance requirements that impact either current business operations or potential customer engagements.
Think in an innovative and creative way to assist in the growth of our business by providing timely and flexible security solutions.
Manage customer communications as they relate to security initiatives and share actionable information with organizational leadership to assist with and facilitate informed decision-making.

The Skills You Bring

Qualifications

Bachelor's degree in information systems or relevant field of study or equivalent experience.
12+ years of Technology experience with at least 7 years of focus in Information Security.
3+ years of Security Operations Center and Incident Response experience.
CISSP, CISM, CISA, CRISC certification(s) preferred.
Experience with and strong working knowledge of Threat Intelligence, Cloud Security, Offensive Security and Threat Emulation disciplines and services.
Strong working knowledge of current cyber security threats and techniques, as well as a dedicated and self-driven desire to help research and assist in the selection of cyber security products.
Proven track record managing experienced staff in the implementation of the Information Security strategy.
Expert knowledge in the identification, plan for resolution, and execution of action plans for complex problems in a regulated environment.
Strong leadership skills and the ability to work effectively with business managers, Technology engineering, and Technology operations staff.
A strong understanding of operating system internals and network protocols.
Familiarity with the principles of cryptography and cryptanalysis.
Experience working with legal, audit, and compliance staff.
Familiarity with NIST, ISO, CIS, COBIT and other key security frameworks.
Familiarity with FFIEC and FDIC regulations.
Familiarity with GLBA, HIPAA, SOX and PCI security requirements and expectations.
Comfortable handling high level strategy and implementation details.
Excellent problem-solving and troubleshooting skills with a strong attention to detail.
Solid understanding of information security requirements and auditing processes.
Ability to develop and maintain standards, policies and procedures and to maintain effective working relations.
Strong leadership, analytical, planning, and resource management skills.
Excellent verbal & written communication, including interaction with internal engineering and business teams as well as the development of Executive level presentations.
Constant process improvement thinking to identify automation opportunities, reduce delivery time and increase customer satisfaction.
Ability to work independently with minimal supervision, with an ability to make independent decisions when appropriate.
Willing to work after-hours and weekends when security issues arise which require immediate resolution.
Strong administrative, coordination and interpersonal skills with the ability to motivate and lead people, and help them develop as cyber security professionals.
Strong experience showing the ability to effectively lead and manage local and remote teams, both direct and matrixed.
Solid project management skills and familiarity with Agile methodologies such as Scrum and Kanban.

#LI-Hybrid

How We'll Have Your Back

Ally's compensation program offers market-competitive base pay and pay-for-performance incentives (bonuses) based on achieving personal and company goals. Our Total Rewards program includes industry-leading compensation and benefits plus additional incentives that are designed to meet your needs and those of your family so you can get the most out of your career and your life, including:

Time Away: 11 paid holidays, 20 paid time off days, and 8 hours of volunteer time off, yearly (paid time off is prorated based on start date)
Planning for the Future: plan for the near and long term with an industry-leading 401K retirement savings plan with matching and company contributions, student loan pay downs and 529 educational save up assistance programs, tuition reimbursement, employee stock purchase plan, and financial learning center and financial coach access.
Supporting your Health & Well-being: flexible health and insurance options including medical, dental and vision, employee, spouse and child life insurance, short- and long-term disability, pre-tax Health Savings Account with employer contributions, Healthcare FSA, critical illness, accident & hospital indemnity insurance, and a total well-being program that helps you and your family stay on track physically, socially, emotionally, and financially.
Building a Family: adoption, surrogacy and fertility assistance as well as paid parental and caregiver leave, Dependent Day Care FSA back-up child and adult/elder care days and childcare discounts.
Work-Life Integration: other benefits including Mentally Fit Employee Assistance Program, subsidized and discounted Weight Watchers® program and other employee discount programs.
Other compensations: depending on the role for which you are considered, you may be eligible for travel allowances, relocation assistance, a signing bonus and/or equity.
To view more detailed information about Ally’s Total Rewards, please visit this link: https://www.ally.com/content/dam/pdf/corporate/ally-total-rewards-snapshot.pdf

Who We Are:

Ally Financial is a customer-centric, leading digital financial services company with passionate customer service and innovative financial solutions. We are relentlessly focused on "Doing it Right" and being a trusted financial-services provider to our consumer, commercial, and corporate customers. For more information, visit www.ally.com.

Ally is an equal opportunity employer committed to diversity and inclusion in the workplace. All qualified applicants will receive consideration for employment without regard to age, race, color, sex, religion, national origin, disability, sexual orientation, gender identity or expression, pregnancy status, marital status, military or veteran status, genetic disposition or any other reason protected by law.

We are committed to working with and providing reasonable accommodation to applicants with physical or mental disabilities. For accommodation requests, email us at work@ally.com. Ally will not discriminate against any qualified individual who is capable of performing the essential functions of the job with or without reasonable accommodation.

Base Pay Range: $170000 - $300000 USD

An individual's position in the range is determined by the specific role, the scope and responsibilities of the role, work experience, education, certification(s), training, and additional qualifications. We review internal pay, the competitive market, and business environment prior to extending an offer.

Incentive Compensation: This position is eligible to participate in our annual incentive plan.

Back to job list