Career Techniques Inc.
Description
In the Manager, Security Operations role, you will help build and maintain security programs at a rapidly growing IT shared services company. You will report directly to the Chief Information Security Officer and be responsible for the execution and oversight of day-to-day security monitoring and response, the identification and handling of security events, and the execution of numerous other security programs. This includes, but may not be limited to:
Responsibilities:
- Leading the company’s Security Operations team made up of in-house resources as well as an external SOC provider
- Optimizing detection and response capabilities with a focus on automation
- Participating in monitoring, validating, classifying, and responding to SOC-escalated security events
- Performing regular assessments on detection and response controls to improve the security posture and prevent regression
- Driving maturity of the company’s security operations procedures including the Incident Response framework
- Leading and maturing the organization’s Threat Hunting Program
- Conducting forensics and root cause analysis on escalated or repeat security events, as well as leading the build-out of a DFIR team under Security Operations
- Execution of vendor, infrastructure, M&A, and other security reviews as necessary
- Execution of periodic user access reviews on critical systems and data
- Driving identification and reporting of vulnerabilities and associated remediation
- Collection and presentation of key Security Operations Metrics
- Accurately assessing the performance of direct reports and providing timely feedback and coaching to develop talent
Requirements:
- Bachelor’s degree in Computer Science, Information Security, or a related field.
- 7-10 years of experience in Security Operations roles, preferably managing a Security Operations Center
- Strong Microsoft 365 and Azure background
- Microsoft Sentinel experience
- Possession of or ability to obtain professional certifications in information security or risk management, such as a CISSP, CISM, CEH, or forensic certifications.
- Strong knowledge of security, regulatory, and control frameworks, such as ISO 27001, HIPAA, GDPR, NIST, and CIS.
- Self-starter who demonstrates strong ownership of their domain and can benchmark the current state, propose improvements, and implement with little supervision
- Interpersonal and collaborative skills and the ability to communicate security and risk-related concepts to technical and nontechnical audiences.
- High level of personal integrity, and the ability to professionally handle confidential matters.
- Natural passion for security and strong drive to see both projects and investigations to completion
- Strong coaching and team building skills with the ability to motivate others through direct and indirect reporting relationships to achieve objectives.
Compensation: $170-190K + Bonus (15%)