Sr. Information Security Manager with Diversity Profile – Security Operations Center (1 position)
Physical Requirements – must physically work at customer location in Austin, TX – travel not included
Must be authorized to work in the US. Sponsorship is not available for this position.
Sr. Information Security Manager responsible for monitoring, detecting, triaging, and responding to security events and incidents in a 24 x 7 global environment.
Key Responsibilities:
- Manage the day-to-day SOC Operations for North America.
- Manage a team of SOC analysts to monitor for and respond to security events 24x7x365.
- Supervise the SOC team, provide technical guidance, and engage with other teams within the Information Security and Risk Management organization.
- Oversee all management activities related to SOC operations including people management, training, and mentoring to direct reports.
- Leverage automation and orchestration solutions to automate repetitive tasks.
- Review and update SOC policies and procedures on a continuous basis.
- Develop metrics and scorecards to measure SOC effectiveness and efficiency of SOC team members.
- Stay current with and remain knowledgeable about new threats. Analyze attacker tactics, techniques and procedures (TTPs) from security events across a large heterogeneous network of security devices and end-user systems.
- Utilize security models and frameworks for documenting and tracking purposes, (e.g. MITRE ATT&CK framework, Cyber Kill Chain (CKC) framework)
- Partner with the security architecture, security engineering and security automation teams to improve tool usage and workflow, as well as with the advanced threats and assessment team to mature monitoring and response capabilities.
- Manage career development for team members, including training and mentoring, conducting performance reviews and exhibiting behaviors to be modeled by team members.
Minimum Requirements
Degree or equivalent experience. Typically requires 9+ years of professional experience and 1+ years of supervisory and/or management experience.
Critical Skills
- At least 7+ years of information security monitoring and response experience.
- Experience managing people, including technical staff in a 24x7 operational environment.
- Experience developing and mentoring information security analysts within a global security operations center.
- Experience driving measurable improvements in monitoring and response capabilities at scale.
- Experience identifying and creating high fidelity threat detections for Cloud and On-Prem environments.
- Experience with Network Security, Endpoint Security (EPP/EDR), Security Analytics, Security Orchestration, Automation, and Response (SOAR), Security Event Management, and other DLP and other network and system monitoring tools.
- Working collaboratively and engaging with multiple security teams and subject matter experts to include threat hunters, counter-threat intelligence analysts, incident responders and forensic investigators.
- Assisting with incident response as events are escalated, including triage, containment, remediation, and documentation.
- Knowledge of regulatory requirements for NIST, PCI, ISO 27001, HIPAA, GDPR, HITRUST, FedRamp, etc.
Additional Knowledge and Skills
- Knowledge of the healthcare, distribution, or software industries is a plus.
- CISSP, CISM and/or SANS certification a plus.
- Certifications related to security (such as Security+, GSEC, GCIH, GCIA, CISSP, NCSF, etc.) preferred.
Education
Bachelor's Degree in Management Information Systems, Computer Science, Master’s degree in Computer Security, Cybersecurity, or similar is preferred.