Security Operations Manager

Title: IT Operations Security Operations Manager

Location: W. Conshohocken, PA

Long Term Contract

Responsibilities

• Works with IT Operations leadership to develop operational and strategic plans consistent with the needs and priorities.
• Provides consultation and support to internal customers in the development and maintenance of needs for ongoing and new projects.
• Oversee security operations and incident response functions which include leading information security investigations and incident response activities. Reporting findings and discussing companies' risks and assessments to senior leadership.
• Develop, establish, and manage the strategy for the IT Operations Security Operations Center (SOC). This includes reviewing, revising, and maintaining the information security incident response policy and procedures. Developing, preparing, and monitoring operational metrics to drive improvement in security operations.
• Operate as a strategic player/coach in a highly hands-on role.
• Responsible for budget determination, resource allocation, and timelines for all projects under the scope of security operations. Support IT Operations leadership in the supervision of monthly budget allocations as they relate to security operations.
• Maintain up-to-date situational awareness through multiple sources of threat intelligence and an ongoing understanding of the business. Provide status reports on security operations projects, and systems support activities as needed. When appropriate, provides presentations to customers and staff at all levels of the organization.
• Manage, refine, and enhance enterprise monitoring technology platforms that improve defensive visibility and prevent compromise.

Minimum Requirements

• Bachelor's degree.
• 3-5 years of experience running a Security Operations Center (SOC), or similar security team.
• Strong analytical ability necessary to identify and make recommendations concerning security operational challenges; complete and implement project plans; and resolve security issues.
• Good interpersonal and organizational skills required to communicate with employees, customers, and vendors verbally and in writing in a technical and non-technical manner.
• Demonstrated ability to facilitate a team environment encouraging communication and cooperative problem solving.
• Experience defending complex architectures hosted in AWS and On-premises
• Experience managing and maintaining a security operations toolsets including Endpoint Detection & Response (EDR), Security Information and Event Management (SIEM), Alerting, Log management, firewall and Web Application Firewall (WAF).
• Knowledge of standards such as CIS, NIST, and ISO 27001
• A highly collaborative mindset with a strong desire to work closely with the business, development and technical operations teams.
• Excellent organizational, leadership, communication, and time management skills.
• A desire to constantly improve a company's security posture.

Preferred Qualifications & Competencies

• Relevant certifications such as GCED/GCIH/GCIA/GCFA, CEH, CISSP
• Track record of and ability to work independently as well as in a team environment.
• Experience developing security automation in AWS
• Experience using Splunk, Datadog, Sumo Logic to extract operational intelligence from security and system events.