Manager, Security Operations
As the Manager of Security Operations you will lead a talented team of information security engineers and analysts who receive, triage, analyze, monitor and coordinate incident response throughout North America. Our ideal candidate will be technically centered with a strong focus on collaboration across functional teams as well as a passion for service level achievement. This critical role will be accountable for strategic direction and daily operations focused on evaluations of security threats and vulnerabilities, and developing and conducting security research and education.
The Director will successfully mentor and manage staff, develop and mature internal processes and will be key in driving operations, analysis, and intelligence functions. This critical position will have a great deal of organizational influence and will report directly into the Vice President.
Responsibilities include:
- Management of the Security Operations Center - Lead a team of internal technical security team members and third party vendors.
- Verify that vendor service level agreements for security incident response are met.
- Manage and enhance existing SIEM implementation including coordinating response to security incidents. This includes connectors, logs, Windows, Linux, and IBM iSeries servers, and network devices; develop use cases, dashboards, rules, policies, filters, and reporting.
- Work closely with overall IT security and compliance teams to maintain security requirements for operations of SIEM tools.
- Lead comprehensive monitoring of all IT Security tools, reviewing system and application logs and intrusion detection alerts for indications of unauthorized activity, insider threat, or criminal behavior.
- Guide all Security Incident Response activities and integrate with broader company incident response.
- Ensure complete documentation of security monitoring and incident response activities, utilizing case management and ticketing technologies.
- Manage the design and implementation of an IT Security Risk framework. Build, develop and manage a defense capability encompassing intelligence, threat detection and response that provides timely and credible intelligence of known and anticipated threats to infrastructure, information, staff or customers.
- Develop and maintain policies, procedures, standards, and guidelines.
- Monitor and provide metrics of the overall effectiveness of the Security Operations program.
- Manage and enhance internal vulnerability management program. Lead vulnerability identification including system level reviews, vulnerability scans, and penetration tests on infrastructure and applications. Advise and lead security efforts with cross-functional teams to drive the closure of identified vulnerabilities.
- Represent information security at change control meetings.
- Update and maintain computer forensics and incident response procedures.
- Perform annual testing of enterprise incident response plan.
- Mentor and train junior security staff.
- Implement and maintain HR policies/procedures. Hire, motivate and develop team members, define priorities and objectives, follow up progress of skills and achievements to have qualified, competent and motivated employees.
- Initiate, facilitate, and promote activities to create information security awareness within the organization. Provide regular security awareness training material for inclusion in annual compliance training program.
- Monitor compliance with information security policies and procedures.
- Bridge gaps between control requirements, technical issues and business risks.
- Management of security projects including resourcing, budgeting, and providing project updates to senior IT and business teams.
THE IDEAL CANDIDATE WILL HAVE SEVERAL OF THE FOLLOWING CHARACTERISTICS:
- Bachelor’s Degree in Management Information Systems, and/or 3-5+ years of Cyber Security, Security Operations Center (SOC) experience
- Minimum of 2 years in a management/leadership capacity managing SOC personnel
- Specialized training in intrusion analysis systems, penetration testing, vendor management, and customer relations
- CISSP, CISM, CCNA, and/or Windows certifications preferred but not required.
- Experience with anti-malware, vulnerability and penetration testing, patching, file integrity monitoring
- Effective communicator, both written and oral.
- Able to work in a fast-paced, high-volume environment with rapidly changing priorities and responsibilities.
- Must be willing to work various shifts to include evenings, weekends, and holidays.
- Knowledgeable of both signature and behavioral IDS sensors and vulnerability scanners.
- Advanced knowledge of MS Windows, both servers and workstations.
- Knowledgeable of incident resolution and handling.
- Knowledgeable of common vulnerabilities, and ability to keep up on the latest exploits.
- Knowledgeable of incident analysis and investigation. Understands how to define an incident, how to respond, and how to coordinate that response.
- Knowledgeable of vulnerability scanners and penetration testing tools, and how to coordinate outside vendors to perform them quarterly.
- Familiarity with various network analysis tools.
- Deep understanding of network transports, and configuration of routers, switches, firewalls, and wireless access points, along with Windows hosts, Linux, and Mac, and how to best secure each of those in the environment.
- Position located in lovely Las Vegas, NV!
- No state taxes, low cost of living and family friendly
- Relocation offered for the right candidate
Blackmere Consulting is an equal opportunity employer (EOE/AA/M/F/Vets/Disabled/Protected Statuses)