Director, Infosec Operations

We are seeking a highly motivated, passionate, and well-versed technical leader and practitioner to build out and manage a security operations function on a new and growing security team. The manager of Infosec Ops will be accountable for security operations monitoring and incident response enterprise-wide, including both corporate infrastructure and all product offerings. This is a unique management opportunity to drive SecOps across both corporate AND product offerings, including both DevOps and AWS-based cloud infrastructures, with autonomy to get things done. This role will be a critical influencer in driving the overall enterprise information assurance strategy, with visibility and direct exposure to executive management.

First and foremost, you have been there, done that. In some form or fashion, you have led a security operations team and have also been a seasoned and senior individual contributor in the past. You are focused on orchestrating the art of fighting evil and instrumenting your world to expediently and efficiently perform that function, demonstrating leadership skills and calm under incident-induced pressure. You know how to hunt, looking for the signal in the noise. You are willing to roll up your sleeves and lead by example. You have strong troubleshooting and problem resolution skills. You have strong written and verbal communication skills to effectively manage competing priorities in a fast-moving environment. You are self-motivated, with drive and passion for action, and have the ability to deal with ambiguity. You pride yourself on being an energetic self-starter who shows personal initiative and follow-through to get things done.

An ideal candidate would have:

  • A bachelor’s degree in computer science (or equivalent) with 10 years of
    documented information security work experience
  • Prior demonstrated senior leadership and management in an enterprise security
    role with 5 years minimum of management experience. (Certifications such as CISSP, ISSAP, CRISC, and SANS preferred.)
  • A strong level of technical depth in the information security domain and a focus on driving metrics-driven results
  • Experience with complex SaaS and Corporate IT services environments
  • Expertise with administering security technology controls (firewalls, orchestration
    platforms, anti-malware, forensics, IAM, IDS, DLP, open-source, etc.)
  • Proven track record developing and implementing security automation and
    technology and process integrations.
  • Experience managing security in DevOps and SaaS environments.
  • Experience with AWS and best practices for monitoring an IaaS environment
  • Experience with incident response including data forensics and legal holds
  • Experience with product security vulnerability management, responsible
    disclosure, publishing CVEs and working with the security research community
  • Familiarity with operating enterprise security technologies and establishing
    enterprise security processes.
  • Familiarity and experience with standards and compliance frameworks (ISO, SANS, OWASP, NIST, SSAE, SOC, ITIL, etc.)
  • Development of detailed SecOps metrics and reporting for executive
    management.
  • Excellent written, visualization, and verbal communication skills.

About the Role

  • Responsible for the consolidated visibility of all security technology data outputs, the daily “watch” of the environment, developing and integrating all operational security processes, and responding to all security incidents.
  • Delivers the following “services”: Intelligence Gathering & Dissemination, Threat Actor Monitoring & Tracking, Log, Alert, Event and Incident Management, Security Investigations and Forensics, Vulnerability & Incident Mitigation, Malware and Payload Analysis, Security Researcher Relations.
  • Responsible for the successful operations of all security tools and technologies and participates in or drives security reviews for new products and services.
  • Partners closely with the IT, DevOps and Engineering Product Teams to maintain the operating risk posture and mitigate risks outside of established thresholds.
  • Participates in risk assessments and may develop and/or execute remediation
    plans for identified risks.
  • Documents wikis and run books, and trains others to help operationalize and
    automate SecOps.
  • Works across engineering teams to prioritize flaws and with external entities to
    respond to security issues and concerns.
  • Continuously identifies areas needing improvement, creates action plans, and
    executes to implement changes in a timely manner
  • Creates a collaborative environment that reinforces a culture of innovation,
    ownership, transparency, and alignment to business objectives, balancing risk tradeoffs with options and data.

Send resumes and queries to: bkirsh@cvp-es.com