Job Description

The Security Operations Manager role is responsible for developing and driving the IT Security Incident Management team, processes and capabilities, the Vulnerability Management process and capabilities, the Cyber & Phishing Security Awareness process and capabilities, and the investigation and forensic documentation of reported IT Security policy violations

Develop, lead, and manage the Security Operations Team

Develop and maintain information security policies, procedures, standards, and guidelines based on best practices (NIST/CIS), regulatory (PCI/DFS), and legal compliance

Performs quantitative risk analysis and threat modeling to conduct quantitative cyber risk analysis

• Develops prioritized risk mitigation strategies.

• Conducts Information Security audit activities.

• Remain up to date on trends and issues in the security industry, including current and emerging technologies

• Assist in enhancing the IT Security Program by managing the day-to-day monitoring and alerting of Security Information and Event Management (SIEM) technology.

• Provide guidance and security policy interpretation to managing risk on Windows/Linux servers and desktops, Active Directory (Group Policy), network communications, company data stores, perimeter networks, virtual private networks, and e-mail communications.

• High level of expertise in Windows/Linux Servers/Services.

• Network monitoring, log management, and log analysis from a variety of network sensors to investigate suspect network activity.

• Work with the Infrastructure team and third-party solutions to interpret activity from system logs and network traffic to recognize and react to anomalies that may indicate vulnerabilities or unauthorized exploitation of resources.

• Interpreting network traffic and determining whether activity is legitimate.

• Utilize technical security systems including host and client-based firewalls, intrusion detection/prevention systems, cryptographic systems, endpoint security systems, threat intelligence, and zero-day and anti-virus software to monitor system activity.

• Conduct investigations in response to policy violations and security incidents.

• Develop and manage information security reporting, metrics, and dashboards.

• Participate in rotating "on-call" schedule with other members within the Information Security department.

• Performs other duties as assigned or necessitated by business, regulatory, or emergencies.

• Manage Projects/Deployments for Security Initiatives and business requirements.

Req

Bach degree in Information Security, Computer Science, or Engineering or equivalent experience preferred

Graduate degree in Information Security

Exp with NIST, CIS, and ITIL Highly desirable

Mini. 10 years experience in IT

Mini. 5 years experience in IT Security Experience with Security Incident Management, GRC, IAM, Threat Intel, SOC, Vulnerability/Penetration testing, Data Security, SDLC, Cloud Security

Exp performing security investigations

Exp with Vulnerability Management tools

Experience with 3rd party penetration testing activities +

Certifications: CISSP, GCFA, GCFE, CEH or GPEN is highly desirable. GSEC, SSCP, ECSA or CISM is desirable. MCSE, MCSA, CCNA, or CCNP is a plus

Wage Range $2880 - $3270 Weekly

Job Tags

Similar Jobs