Candidates « Blackmere Consulting
Specialized Recruiting Solutions Designed to Access Deep Talent Pools
Call Us: 208-932-2750

Featured Positions

Job Title
Manager, Cybersecurity Operations - Managed Services
Job ID
27060221
Description

As the Manager of Cybersecurity Operations you will serve as the hands-on leader of a talented team of security analysts, providing technical guidance and mentoring for both senior and junior team members. Our ideal candidate will be technically centered with a strong focus on collaboration across functional teams as well as a passion for service level achievement. This critical role will be accountable for continuous improvement, team leadership, monitoring efforts and security event analysis and prioritization.

The Manager of Cybersecurity Operations will mentor and manage staff, develop and mature internal processes, and be key in driving operations, analysis, and intelligence functions. This critical position will have a great deal of organizational influence and will report directly to the Director of Security Operations. Responsibilities include:

  • Develop and maintain Standard Operating Procedures for security analyst roles and responsibilities;
  • Maintain deployed security technologies providing accurate, detailed configurations, repeatable processes, all under change management control;
  • Provide analysis and trending of security log data from a large number of heterogeneous security devices;
  • Develop processes that analyze data and produce accurate, meaningful, easily interpreted results based on user requirements and use cases;
  • Conduct product evaluations of security technologies as directed. Develop product comparisons and detailed reports. Make recommendations to management appropriate to an organization's needs and requirements;
  • Manage a small team of people and drive process improvement in the SOC;
  • Provide 1st- and 2nd-level troubleshooting support for security applications and appliances;
  • Develop policies, procedures and standards that meet existing and newly developed policy and regulatory requirements including SOX, PCI and HiTrust;
  • Responsible for working in a 24x7 Security Operation Center (SOC) environment;
  • Provide Incident Response (IR) support when analysis confirms an actionable incident;
  • Provide threat and vulnerability analysis as well as security advisory services;
  • Analyze and respond to previously undisclosed software and hardware vulnerabilities;
  • Monitor key performance indicators, determine gaps in performance metrics, and recommend/execute change management techniques for efficiency/quality improvements
  • Oversee the monitoring, identification and resolution of security incidents to detect threats through analysis, investigations and prioritization of incidents based on risk/exposure
  • Manage services for quality performance and fulfillment of client Service Level Agreements (SLA)
  • Develop, maintain, and submit SOC compliance reports as required by the client
  • Develop appropriate response strategies based on intelligence received
  • Responsible for security analysis, administration and remediation procedures, workflows and tasks
  • Ensure that Standard Operating Procedures are being created and followed by the team
  • Evaluate existing SIEM rules, filters, events and use cases and adapt them to meet the client's requirements
 

THE IDEAL CANDIDATE WILL HAVE SEVERAL OF THE FOLLOWING CHARACTERISTICS:

  • Bachelor of Science in a technical discipline or equivalent demonstrated experience and knowledge.
  • Minimum 7 years in information security and 5 years' experience in an analysis and response role or security operations center environment
  • 4+ years working within the information security field, with emphasis on security operations, incident management, intrusion detection, firewall deployment, and security event analysis
  • Demonstrated experience in the monitoring, analysis and triage of network events in a high volume and fast paced environment
  • Demonstrated cyber incident handling experience to include the application of lessons learned
  • Knowledge of various security methodologies and processes, and technical security solutions (firewall, intrusion prevention and intrusion detection systems)
  • Knowledge of TCP/IP Protocols, network analysis, and network/security applications
  • Knowledge of common Internet protocols and applications
  • In-depth experience reviewing raw log files and performing data correlation/analysis, such as firewall, IDS, and system logs
  • Experience utilizing, tuning and developing procedures for SIEM tools (Splunk, SolarWinds LEM)
  • Experience with Data Loss Prevention (DLP) tools, including SourceFire, FireEye, Forcepoint (Websense), McAfee ePO
  • In-depth knowledge of current threat actors, techniques and trends in cyber security
  • Knowledge and working experience as a user and/or admin of SIEM technology solutions
  • Possession of industry certifications is preferred; examples include CISSP, CEH, GCIH, GCIA or similar
  • Knowledge of: Strong Authentication, End Point Security, Internet Policy Enforcement, Firewalls, Web Content Filtering, Database Activity Monitoring (DAM), Public Key Infrastructure (PKI), Data Loss Prevention (DLP), Identity and Access Management (IAM)
  • Working knowledge of common security industry standards such as: NIST 800-53, 800-61, ISO 27001 and 27002, PCI, SOC 2 (SSAE-16)

  • Position located in beautiful Tampa, FL
  • Relocation offered for the right candidate
  • In compliance with federal law, all persons hired will be required to verify identity and eligibility to work in the United States and to complete the required employment eligibility verification document form upon hire.
  • Travel necessary (up to 15%) - Passport required for North American travel.

Blackmere Consulting is an equal opportunity employer (EOE/AA/M/F/Vets/Disabled/Protected Statuses)
