Ball Jobs

Mobile Ball Logo

Job Information

Ball Corporation / Ball Aerospace Cyber Security Operations Lead in Westminster, Colorado

Job Title:

Cyber Security Operations Lead

Job ID:



CO - Westminster

Full/Part Time:




Return to Previous Page

Who We Are:

Ball Corporation supplies innovative, sustainable packaging solutions for beverage, personal care and household products customers, as well as aerospace and other technologies and services primarily for the U.S. government. Ball Corporation and its subsidiaries employ more than 17,500 people worldwide and reported 2018 net sales of $11.6 billion. Ball is dedicated to creating an inclusive environment and is proud to be an equal opportunity employer. Ball Corporation is committed to recruiting, training, compensating and promoting regardless of race, color, religion, gender, gender identity or expression, sexual orientation, disability, age, or veteran status.

For more information, visit, or connect with us on Facebook or Twitter.

Job Duties:

Our Lead of Cyber Security Operations is the highest-ranking technical team member of the Global Ball Security Operations team and reports to the Manager of Security operations. The Cyber Security Operations team is a key part of our Global IT Security & Compliance organization, which also includes Governance, Risk & Compliance, Active Cyber Defense and Architecture & Solution Delivery. This position is the technical lead responsible for the oversight and coordination of a global technical team located in Colorado and Belgrade Serbia. This position will have primary responsibility for the operations of our security controls (services) as well our critical security operations processes. The lead of Cyber Security Operations delivers our critical security services and processes to ensure they operate effectively and continuously improve to meet the evolving threats. Critical processes including, but are not limited to, Incident Response and remediation and patch and vulnerability governance.

This position requires an energetic, seasoned security professional to lead our operations team:

  • Technical leadership (proven tier 3 & 4 technical support) along with leadership of a technical team of approximately 6 Individual Contributors located in the USA and Belgrade Serbia

  • Demonstrated technical experience and expertise in at least 6-7 of our current security controls:

  • (INCLUDING: firewall, Identity & Access Management, Multi-factor Authentication, Federation & single sign on, Intrusion prevention, Web Application malware protection, Privileged Access Management, Advanced threat protection, email security, end point protection, mobile device security, remote access, Cloud services governance and management, Data Loss prevention, Incident Response, Certificate Management (PKI), Security Incident Logging (SIM), Global DNS, Full Disk encryption, Network Access Control (NAC), etc.)

  • Proven, very strong troubleshooting skills and abilities to quickly resolve tier 3 and tier 4 incidents

  • Demonstrated technical expertise in Incident response and patch a vulnerability management

  • Manages Day to Day technical responsibilities of a high-performing team, including: identifying staffing needs in order to support current and future business requirements; recruiting to fill new/additional requirements, applying appropriate sourcing strategies to most effectively leverage global resources

  • Deploy standard solutions and manage ongoing operations refresh of services

  • Lead technical implementation of new standard security solutions and operations projects and services refresh ongoing

  • Responsible for ensuring service operations that meet business service level requirements and global support for our services 7x24x365

  • Establish, maintain and continually improve, security operations processes while ensure the technical team is fully trained ongoing and able to fully support services & processes ongoing

  • Technical leadership of our end to end cyber security incident response lifecycle (i.e. incident Intake, Classification, Containment, Investigation, Remediation and Closure) and Patch and Vulnerability management processes

  • Participation and technical leadership as part of ongoing (regularly scheduled and ad hoc) security Operations management updates including management and review of key metrics

  • Technical leadership within IT Security & Compliance and across IT and our global business stakeholders to identity risks and work to bring improvements in our cyber defense and operations to realization

  • Technical leadership of ongoing quality assurance across our services and processes

  • Accountable for technical performance/accomplishment of the operations team

  • Participates in an on-call rotation with department

Essential Functions and Responsibilities:

  • Perform administrative activities necessary for effective technical support of the operations team work, including; motivation, meeting objectives, planning, organizing, integrating and measuring the work performed within the team

  • Technical team leadership of high impact incidents, generate clear, concise recommendations, and coordinate activities and professional communications across a range of internal and external stakeholders while working under significant pressure

  • Maintain awareness of current and potential threats and risks for security related information protection

  • Technical leadership of the remediation of the top threats across Ball Globally as part of our Patch and vulnerability management governance

  • Utilizes industry trends to improve organizational effectiveness; implements best practices, quality control, risk management for process and organizational improvement

  • Collaborate with key business partners, internal technology teams and external vendors to build process and leverage technology to enable detection of future threats

  • Remain knowledgeable about security issues, vulnerabilities, regulatory, legal, and security standards that may impact information security

  • Define team technical and process objectives, including coordination of ongoing shared work plan including regular updates and management and delivery of performance objectives

  • Deliver, monitor and provide regular status reporting and metrics, regarding performance of incident lifecycle and Operations

  • Manages SLA performance for compliance with organizational needs and requirements, including follow-up checks for corrective action when and where needed

  • Identify opportunities to reduce risk and document remediation options regarding acceptance or mitigation of risk scenarios

  • Work with the rest of the Global Security Team to identify gaps and minimize risks in the security program with an aim to reduce the impact/occurrence of security incidents

  • Adapt strategy to incorporate and address emerging technologies and risks

Position Requirements:

  • The Lead Cyber Security Operations, should have no fewer than 7+ years of direct experience and expertise in information security

  • 4+ years of experience in a technical leadership role across a multitude of Security services and processes

  • Experience managing information technology in a medium-to-large, complex environment

  • Degree (BS or MS) in computer science/engineering, Cybersecurity or related field.

  • Fluency in English

  • Minimum professional certifications:

  • Military or formal vocational technical training in computer science desired but not required.

  • Job Qualification Records may be presented in lieu of certain certification

  • At least two current professional certifications including at minimum one of the following:

  • (ISC)2 CISSP (Certificate Information Security Professional

  • SANS SEC 401: Security Essentials

  • ISACA CISM: Certified Information Security Manager

  • Additional Professional certifications desired

  • Directing Others. Is good at establishing clear technical direction; setting stretching objectives; distributing the technical workload appropriately; lays out work in a well-planned and organized manner; maintains two-way dialogue with others on work and results; brings out the best in people; is a clear communicator

  • Integrity and Trust (Ethics and Values). Is widely trusted; is seen as a direct, truthful individual; can present the unvarnished truth in an appropriate and helpful manner; keeps confidences; admits mistakes; doesn’t misrepresent for personal gain

  • Customer Focus. Is dedicated to meeting the expectations and requirements of internal and external customers; gets first-hand customer information and uses it for improvements in products and services; acts with customers in mind; establishes and maintains effective relationships with customers and gains their trust and respect

  • Action Oriented (Drive for Results). Enjoys working hard; is action oriented and full of energy for the things he/she sees as challenging; not fearful of acting with a minimum of planning; seizes more opportunities than others; pushes self and others for results

  • Priority Setting (Time Management). Spends his/her time and the time of others on what’s important; quickly zeroes in on the critical few and puts the trivial many aside; can quickly sense what will help or hinder accomplishing a goal; eliminates roadblocks; creates focus

  • Composure. Is cool under pressure; does not become defensive or irritated when times are tough; is considered mature; can be counted on to hold things together during tough times; can handle stress; is not knocked off balance by the unexpected; doesn’t show frustration when resisted or blocked; is a settling influence in a crisis

  • Informing. Provides the information people need to know to do their jobs and to feel good about being a member of the team, unit, and/or the organization; provides individuals information so that they can make accurate decisions; is timely with information

  • Building Effective Teams. Blends people into teams when needed; creates strong morale and spirit in his/her team; shares wins and successes; fosters open dialogue; lets people finish and be responsible for their work; defines success in terms of the whole team; creates a feeling of belonging in the team

  • Managing and Measuring Work. Clearly assigns responsibility for tasks and decisions; sets clear objectives and measures; monitors process, progress, and results; designs feedback loops into work

  • Clear understanding of the concepts of operations security, incident response lifecycle, patch and vulnerability management

  • Supports process and systems improvements resulting from activities such as Lean, Six Sigma, COBIT, ITIL, CMMI, etc. Benchmarks SLAs for IT services with internal and external service providers

  • Strong customer/client focus, with the ability to manage expectations appropriately; provide a superior customer/client experience and build long-term relationships

  • Establish and maintain effective working relationships within the department and across the Company

  • Resilience, creativity and flexibility to explore different paths to achieve an outcome and adjust quickly and efficiently to new circumstances and measured results.

  • Calmness and clarity of thought under pressure and ability to maintain confidentiality

  • Maintain expertise on security trends through training, research and development in order to mitigate potential security exposures

  • Self-motivated, accepts responsibility and is personally accountable

  • Proven conflict resolution and negotiation skills, ability to make and defend difficult decisions

  • While the regular working cycle of this position is usually five days on (Monday-Friday), this job may include working weekends (Saturday and Sunday); working hours may vary as specified by management. Incumbent must be able to work overtime on a regular basis and/or be on call as directed by management

  • Proven ability to work under stress in emergencies, with the flexibility to handle multiple high-pressure situations simultaneously

  • This position regularly requires a high degree of mental effort due to considerable interruptions and/or frequent changes of activity or workloads during a typical working day

  • Works in an office environment

  • Requires short-term domestic and international travel (<15% travel)

The candidate(s) offered this position will be required to submit to a background investigation, which includes a drug screen


Relocation for this position is NOT Available

Ball Corporation offers comprehensive benefits packages, including paid holidays/vacation, affordable medical, dental, life insurance, tuition reimbursement, ESPP, and retirement plans.

EEO Statement:

Equal Opportunity Employer

Minority, Female, Disabled, Lesbian, Gay, Bi-sexual, Transgender and Veterans.