Or email your resume to [email protected]
Apply for this Job below or Call Us at 1-888-743-7782
Technology Security Manager
Technology Security Manager
Our client is seeking a hands-on IT Security Manager who is responsible for the technical direction and process of the security team, providing guidance to both the senior and non-senior staff. The IT Security Manager is responsible for monitoring and responding to security events within the company. The successful candidate will participate in continuous monitoring efforts, analyzing and prioritizing those events with security implications, while also responding to those events which rise to the level of incidents.
- Operational and strategic planning, including promoting innovation, planning projects; organizing and negotiating the allocation of resources
- Allocate, track and report on resources assigned to team projects as needed.
- Benchmark, analyze, report on and make recommendations for the improvement and growth of security solutions within the organization.
- Conduct product evaluations of security technologies as directed.
- Manage the customer and vendor relationships, ensuring compliance and complete trust through effective communication.
- Assist with the developing business case justifications, cost/benefit analyses and budget for technology spending and initiatives.
- Manage the deployment, monitoring, maintenance, development, upgrade, and support of security tools.
- Manage personnel, including supervision, scheduling, development, evaluation, and disciplinary action.
- Monitor key performance indicators, determine gaps in performance metrics, and recommend/execute change management techniques for efficiency/quality improvements
- Oversee the monitoring, identification and resolution of security incidents to detect threats through analysis, investigations and prioritization of incidents based on risk/exposure
- Ensure that Standard Operating Procedures are being created and followed by the team
- Maintain awareness of Cyber Security advisories, alerts, vulnerabilities, and solutions through industry subscriptions and relationships with State and Federal agencies
- Maintain and test cyber incident handling processes and procedures
- Bachelor’s degree in computer science or management information systems and/or 5+ years equivalent work experience.
- 5+ years working within the IT security field, with focus on security operations, incident management, intrusion detection, firewall deployment, and security event analysis
- Certification (at least one of): CISSP, CISM, GIAC (GSSEC, GPEN, GCED, etc.) or similar
- Strong knowledge of application and database security: Security role within SDLC, database encryption, vulnerability discovery, certificate based access
- Demonstrated experience in the monitoring, analysis and triage of network events in a high volume and fast paced environment
- Demonstrated incident response experience to include the application of lessons learned
- Strong technical knowledge of various security tools, techniques, and methodologies including Federated Authentication, IDS/IPS, Internet Protocols, Network/Security applications and analysis, SIEM data correlation and analysis, DLP, endpoint protection, Web Proxies, Remote Access technologies, firewalls, load balancing, IAM and PAM.
- Strong knowledge of current security standards and trends in area of responsibility.
- Vendor relationship management experience.
- Understanding of human resource management principles, practices, and procedures.
- Ability and willingness to train, mentor and develop a small team of people and drive process improvement in the department.
- In-depth knowledge of current threat actors, techniques and trends in cyber security
- Strong working knowledge of latest authentication mechanisms and access controls such as: Federated authentication (ADFS, SSO, SAML, OpenID, OAuth2.0), Active Directory, and Application Authorization
- Strong working knowledge with cloud solutions such as AWS, Azure, etc.
- Working knowledge of common security industry standards such as: NIST 800-53, 800-61, ISO 27001 and 27002, PCI, SOC 2 (SSAE-16)
- Possess in depth experience in executive management reporting as it pertains to risk management and mitigation strategies
SherlockTalent loves to share a $500 referral bonus!
"U.S. Citizens and those authorized to work in the U.S. are encouraged to apply. We are unable to sponsor at this time."