Cyber Security Operations Lead .
Ally and Your Career
The Opportunity
The Cyber Security Operations Lead, within Information Protection & Risk Management (IPRM) Data Protection team, is responsible for coordinating the day-to-day operations and strategic direction of the organization's cyber security functions, with a primary focus on key and certificate management, Data Loss Prevention (DLP), and Insider Threat Operations. This role requires a highly motivated individual with deep technical knowledge and expertise, strong leadership skills, and a passion for protecting sensitive information and critical infrastructure.
The Work Itself
Primary Responsibilities
- Develop and maintain procedures for secure key and certificate lifecycle management, consistently following industry standards and regulatory requirements.
- Guide a dispersed group of cyber security professionals in key and certificate management.
- Complete the operational backlog, ensuring delivery aligns with business and risk priorities.
- Prioritize and sequence work in partnership with Product and Engineering, ensuring alignment with squad objectives.
- Facilitate coordination across Operations, Engineering, and Product roles for flawless execution.
- Recognize and handle issues, risks, and dependencies to avoid delivery delays.
- Maintain access to delivery progress, SLA adherence, and overall operational health metrics.
- Collaborate with IT, risk, and compliance teams to ensure alignment with organizational objectives and risk appetite.
- Prepare and present reports on security incidents, metrics, and overall program efficiency to senior management.
- Remain informed about new threats, technologies, and guidelines in cyber security, consistently spotting and recommending improvements.
Secondary Responsibilities
- Define requirements for deployment, configuration, and monitoring of DLP solutions to detect and prevent unauthorized data exfiltration and leakage.
- Build and complete insider threat detection and response strategies, including the use of behavioral analytics and investigative tools.
The Skills You Bring
Minimum Qualifications:
- 7+ years of relevant experience or equivalent combination of education and experience.
- High School Diploma or GED equivalent
Preferred Qualifications:
- Bachelor’s degree in computer science, Information Security, or a related field preferred.
- More than 5 years of experience in cyber security operations, with at least 2 years spent in a leadership or supervisory role.
- Comprehensive understanding of essential key and certificate management protocols and technologies (e.g., Sectigo, Digicert, Thales Hardware Security Modules, Venafi, KeyFactor, Palo Alto Networks, Microsoft ADCS).
- Hands-on experience with DLP solutions (e.g., Digital Guardian, Palo Alto, Microsoft Purview DLP, Forcepoint, Broadcom, Proofpoint) and platforms for monitoring insider threats.
- Strong understanding of security frameworks (NIST, ISO 27001) and regulatory mandates.
- Excellent analytical, problem-solving, and communication skills.
Preferred Skills:
- Experience with SIEM, SOAR, and incident response tools.
- Ability to manage multiple projects and priorities in a fast-paced environment.
- Demonstrated ability to mentor and develop team members.
- Strong organizational and documentation skills.
- Relevant certifications preferred (e.g., CISSP, CISM).
Minimum Qualifications:
- 7+ years of relevant experience or equivalent combination of education and experience.
- High School Diploma or GED equivalent
Preferred Qualifications:
- Bachelor’s degree in computer science, Information Security, or a related field preferred.
- More than 5 years of experience in cyber security operations, with at least 2 years spent in a leadership or supervisory role.
- Comprehensive understanding of essential key and certificate management protocols and technologies (e.g., Sectigo, Digicert, Thales Hardware Security Modules, Venafi, KeyFactor, Palo Alto Networks, Microsoft ADCS).
- Hands-on experience with DLP solutions (e.g., Digital Guardian, Palo Alto, Microsoft Purview DLP, Forcepoint, Broadcom, Proofpoint) and platforms for monitoring insider threats.
- Strong understanding of security frameworks (NIST, ISO 27001) and regulatory mandates.
- Excellent analytical, problem-solving, and communication skills.
Preferred Skills:
- Experience with SIEM, SOAR, and incident response tools.
- Ability to manage multiple projects and priorities in a fast-paced environment.
- Demonstrated ability to mentor and develop team members.
- Strong organizational and documentation skills.
- Relevant certifications preferred (e.g., CISSP, CISM).
How We'll Have Your Back
Ally's compensation program offers market-competitive base pay and pay-for-performance incentives (bonuses) based on achieving personal and company goals. Our Total Rewards program includes industry-leading compensation and benefits plus additional incentives that are designed to meet your needs and those of your family so you can get the most out of your career and your life, including:
- Time Away: Program starts at 20 paid time off days in addition to 11 paid holidays and 8 hours of volunteer time off yearly (time off days are prorated based on start date and program varies based on full or part-time status and management level).
- Planning for the Future: plan for the near and long term with an industry-leading 401K retirement savings plan with matching and company contributions, student loan pay downs and 529 educational save up assistance programs, tuition reimbursement, employee stock purchase plan, and financial learning center and financial coach access.
- Supporting your Health & Well-being: flexible health and insurance options including medical, dental and vision, employee, spouse and child life insurance, short- and long-term disability, pre-tax Health Savings Account with employer contributions, Healthcare FSA, critical illness, accident & hospital indemnity insurance, and a total well-being program that helps you and your family stay on track physically, socially, emotionally, and financially.
- Building a Family: adoption, surrogacy and fertility assistance as well as paid parental and caregiver leave, Dependent Day Care FSA back-up child and adult/elder care days and childcare discounts.
- Work-Life Integration: other benefits including Mentally Fit Employee Assistance Program, subsidized and discounted Weight Watchers® program and other employee discount programs.
- Other compensations: depending on the role for which you are considered, you may be eligible for travel allowances, relocation assistance, a signing bonus and/or equity.
- To view more detailed information about Ally’s Total Rewards, please visit this link: https://www.ally.com/content/dam/pdf/corporate/ally-total-rewards-snapshot.pdf
Who We Are:
Ally Financial is a customer-centric, leading digital financial services company with passionate customer service and innovative financial solutions. We are relentlessly focused on "Doing it Right" and being a trusted financial-services provider to our consumer, commercial, and corporate customers. For more information, visit www.ally.com.
Ally is an equal opportunity employer committed to diversity and inclusion in the workplace. All qualified applicants will receive consideration for employment without regard to age, race, color, sex, religion, national origin, disability, sexual orientation, gender identity or expression, pregnancy status, marital status, military or veteran status, genetic disposition or any other reason protected by law.
We are committed to working with and providing reasonable accommodation to applicants with physical or mental disabilities. For accommodation requests, email us at hrpolicy@ally.com. Ally will not discriminate against any qualified individual who is capable of performing the essential functions of the job with or without reasonable accommodation.