Senior Manager of Security Engineering and Operations

Recruiter: Request Technology - Anthony Honquest
Location: Lake Forest
Salary: 150000.00 - 175000.00 USD Annual + bonus
Posted: 23 May 2017
Closes: 30 May 2017
Job Title: Director
Contract Type: Permanent
Hours: Full Time

Prestigious Organization is seeking a Senior Security and Engineering Operations Manager. This individual is responsible for 2 managers, 10 individuals, an MSSP and 2 contractors. The scope covers all cyber security: SIEM, firewall, infrastructure, IDS, endpoint, PCI, wireless, and cloud-based. Looking for strong management experience and the ability to lead teams.

This includes:

  • Develop and execute a compelling operational security strategy including Detection and Response, Identity and Access Management, Network Security, and System Security
  • Oversee the analysis of business requirements and the subsequent interpretation into security requirements internally and externally
  • Partner with security executives across the organization to help envision and deliver company-wide security initiatives
  • Evaluate, prioritize, and resource security projects and programs based on input from appropriate stakeholders
  • Evaluate, implement, and support security-focused tools and services
  • Collaborate with other corporate functions including Internal Audit, Legal and Compliance, Privacy, and Enterprise Sourcing to ensure that the organization maintains a strong security posture
  • Liaise with Business Information Security Officers (BISOs) for cyber security and IT Risk & Compliance Management program needs within the business units
  • Develop and manage a security budget and develop strategic plans to invest resources to efficiently reduce cyber security risk
  • Oversee the analysts' daily tasking.
  • Manage the team's scheduling.
  • Ensure effective incident management.
  • Identify chronic operational and security issues, and ensure they are managed appropriately.
  • Manage and escalate roadblocks that may jeopardize security monitoring operations, infrastructure, and SLAs.
  • Serve as a senior mentor to SOC staff.
  • Interface and collaborate with outside teams.
  • Track tactical issues in execution of SOC responsibilities.
  • Document and track analyst training requirements.
  • Ensure analysts follow existing procedures and all procedures are documented in accordance with local guidelines.
  • Manage the process improvement program for SOC processes.
  • Management, maintenance, and rule creation for SIEM

Incident Response

  • Serve as the focal technical lead on events and incidents.
  • Must be highly technical, hands-on and also capable of serving as the primary point of contact with senior management
  • Investigate network intrusions and other cyber security incidents to determine the cause and extent of the breach. Includes ability to perform host-based and network-based analysis across all major operating systems and network device platforms.
  • Summarize events/incidents effectively to different constituencies such as legal counsel, executive management and technical staff, both in written and verbal forms.
  • Manage the chain of custody for all evidence collected during incidents and security investigations
  • Create a curriculum and conduct in-house training sessions, individualized if needed, for IR staff, to ensure appropriate development of skills and continued innovation, as well as facilitating incident management team exercises and events

Qualifications:

  • Bachelor's Degree in Information Security, Computer Science or equivalent; or 7 years' comparable work/military experience
  • Security Certifications such as CISSP, ECIH, GCIA, and/or GCIH
  • Strong background in security operations, process, solutions and technologies
  • Experience interfacing with other internal or external organizations regarding failure and incident response situations
  • 3+ years of experience leading teams utilizing a Security Incident Event Management Solution
  • 5+ years of experience in security incident handling and forensics skills including knowledge of common probing and attack methods, network/service discovery, system assessment, viruses and other forms of malware.
  • Experience mitigating and addressing threat vectors including Advanced Persistent Threat (APT), Distributed Denial of Service (DDoS), Phishing, Malicious Payloads, Malware, etc.
  • Knowledge of hacker methodologies and tactics, system vulnerabilities and key indicators of attacks and exploits
  • Excellent verbal communication skills, strong analytical and organizational skills. Strong analytical skills to define risk, identify potential threats, and develop action/mitigation plans.
  • Ability to manage expectations with multiple stakeholders on projects and programs in conjunction with information security team
  • Demonstrated personal integrity, the ability to professionally handle confidential matters and exhibit the appropriate level of judgment and decision making commensurate with the position and responsibilities
  • Demonstrated initiative, dependability, and ability to work with little supervision
  • Travel (including international) is possible. Evening and weekend hours should be anticipated
  • Ability to acquire a US government clearance is a plus