Security Operations Manager

The Security Operations Manager will be responsible for overseeing the day-to-day operations of our 24/7 Global Security Operations Center (GSOC). This role will focus on enhancing our incident handling processes, analyzing and reporting on internal cybersecurity issues and trends, and ensuring our global teams are prepared to respond to cybersecurity incidents efficiently and effectively.

**THIS POSITION HAS AN ON-SITE REQUIREMENT. REMOTE APPLICANTS WILL NOT BE CONSIDERED**

RESPONSIBILITIES

• Perform managerial responsibilities for a 24/7 team of security operations analysts
• Ensure processes and capabilities are in place to identify, analyze, contain, and mitigate security incidents
• Ensure incident response readiness is maintained throughout the organization
• Operate as the incident commander during cybersecurity incidents
• Operate as Subject Matter Expert (SME) on information security response
• Inform on internal cybersecurity metrics and issues, making recommendations for improvement
• Ensure SOC-level cybersecurity related compliance tasks are completed appropriately
• Support cybersecurity improvements and protections throughout the organization

MINIMUM REQUIREMENTS

• 5-7 years of IT experience
• 3-5 years of security experience
• 2-3 years of cloud experience
• 2-3 years of experience managing people
• 2-3 years of experience managing a Security Operations Center (SOC) or similar environment
• Excellent written and verbal communication skills
• Excellent problem-solving skills
• Ability to be respond to security incident escalations at any time
• Ability to coordinate multi-team communication and interaction during security incident response
• Ability to maintain unshakable composure in high-stress situations
• Ability to lead cybersecurity incident analytics and forensic investigations
• Ability to accurately document major security incident reports viewable by executive leaders
• Ability to properly handle confidential and sensitive information
• Ability to pass US federal government background investigation

EDUCATION REQUIREMENTS

• Bachelor's degree or comparable experience
• CISSP or comparable certification required
• Cloud, CEH, CHFI, SSCP or Security+ highly desired

Essential Functions

• Establish and improve processes and procedures for security operations
• Operate as incident response manager during cyber incidents, directing investigation, forensic, and mitigation efforts
• Ensure incident response readiness throughout the organization, such as performing incident response simulations and table-top exercises
• Strong decision-making capabilities with a proven ability to weigh the relative costs and benefits of decisions in high stress situations
• Utilize threat intelligence to anticipate and mitigate potential cybersecurity threats
• Conduct post-incident analysis and reporting to identify lessons learned
• Report on common security incident metrics, noting areas for improvement and possible solutions
• Report to senior leadership on emerging cybersecurity trends and threats in the industry
• Understand regulatory compliance standards and assist with government related tasks

ADDITIONAL CHARACTERISTICS

• Technical expertise in endpoint detection and response solutions, network and network security technologies, Windows/Mac/Linux systems, Microsoft Directory Services, and cloud provider services (e.g. Azure/Amazon/Google/Oracle)
• Technical experience performing cybersecurity incident analytics and forensics
• Thorough understanding of security frameworks and security operations processes
• Understanding of FedRAMP compliance requirements

Work Environment & Physical Requirements

The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. Travel 0-5%

#LI-GW1