Sr. Cyber Security Manager - Winston Salem, North Carolina | CareerCircle
Job thumbnail

Sr. Cyber Security Manager

TEKsystems

02/23/2022

Posting ID: JP-002665689

×Not Interested
Save Job
Pin drop icon
Winston Salem, North Carolina
Share:Facebook iconTwitter iconLinkedin icon

Description:

The Sr. Cybersecurity Manager performs a core function for the enterprise including overseeing the operations of the company's security solutions through management of the organization's security operations engineers, analysts, security platforms, and external partners.

The Sr. Cybersecurity Manager will interface with peers across domestic and global IT departments and business leaders to ensure the delivery of best-in-class Security and Risk services.

70% of the time this resource will be focused on getting things stabilized and making sure controls and protections are in place and optimized.

30% of the time will be focused on projects and driving improvements, integrations and implementation of tools, architectural design reviews etc.

Responsibilities:

Your specific duties as a Sr. Cybersecurity Manager will include:

• Responsible for the overall end-to-end management of the company's cybersecurity operations for corporate and cloud systems across our global footprint. This position will be required to develop and lead the Security Operations team in the execution of the company’s cybersecurity strategy for the delivery of secure, scalable infrastructure systems and services.

• Works with management and other technical teams in support of various internal and external audits (i.e. PCI, SOX, etc…). Additionally, develops and implements strategic, technical, and operational security/infrastructure controls that are properly aligned with business goals and objectives. This position manages the Security Operations team responsible for maintaining security configurations for critical infrastructure systems and for using applicable encryption methods. This role is also responsible for providing information to management regarding the negative impact on the business caused by theft, destruction, alteration, or denial of access to information.

• Ability to provide day-to-day management to Cybersecurity personnel in an IT Department in multiple office and data center locations.

• Must be able to carry out managerial responsibilities in accordance with the organization's policies and applicable laws including interviewing, hiring, and training employees; planning, assigning, and directing work; appraising performance; rewarding and disciplining employees; addressing complaints and resolving issues.

• Manages, coordinates, and prioritizes the schedules, projects, and activities of direct reports.

• Works with management to coordinate responses to information security control testing and vulnerability scans, audits, and assessments. Implements practices to optimize this process across the organization for the proactive reduction of organizational risk.

• Manages security vendors including Approved Scanning Vendors, Managed Security Service Providers, and external pen test vendors.

• Oversees Company Information Security operations.

• Executes and improves the core functions of the Cybersecurity Operations Center, including threat detection and prevention, incident response, systems and network security monitoring, forensics, vulnerability management, and data loss prevention at enterprise scale. Review’s computer security incident reports and anomalous activity of network and ensures ongoing proactive measures to mitigate risks as well as providing tier 1-2 escalation path for resolving security incidents

• Responsible for creating and maintaining dashboards that monitor infrastructure security and risks KPIs.

• Researches, develops, and keeps abreast of tools, techniques, and process improvements in support of security detection and analysis.

• Serves as an internal information security consultant on information security projects/initiatives, automation of security testing.

• Participates in major new system implementation projects to ensure that appropriate security controls are built into systems prior to production cutover.

• Works closely with the IT Architecture team to design and implement automated security controls in DevSecOps methodology along with the associated tools and processes.

• Ensures ongoing system and security health checks on identified high risk network segments, systems, and applications as well as follow up remediation.

• Uses tools and techniques to collect, analyze and aggregate data loss prevention, security information event management, privileged account management, and data encryption

• Ensures the monitoring of intrusion detection and security information management systems to discover and mitigate malicious activity on networks.

• Works with Investigation team(s) on serious security violations.

• Manages team to conduct root cause analysis for operational security issues.

• Drives process improvement and control implementation projects in coordination with the other Enterprise Information Service Teams.

• Acts as a catalyst for change to improve security processes that benefit the organization.

• Responsible for reporting risks that are identified to the appropriate team and/or management. Additionally, responsible for managing, monitoring, and reporting risks within the scope of your work area, to include, but not limited to Information Security risks.

Job Requirements:

• Bachelor’s degree in Information Technology plus minimum of 10 years of security related experience including at least 5 years of relevant management experience or equivalent training and/or experience.

• In depth knowledge of security processes.

• In depth knowledge of incident response, investigative, and forensic procedures.

• In depth knowledge of security tools including threat detection and prevention, systems and network security monitoring, vulnerability management, certificate services, data loss prevention (DLP), file integrity monitoring (FIM), endpoint protection (IDR/EDR), web application firewalls (WAFs), and SIEM technologies.

• In depth knowledge of PCI/DSS, SOX audits, and other industry audits.

• Broad knowledge of Identity Access Management, including PAM/PIM.

• Broad knowledge of enterprise systems, operating systems, and hardware platforms.

• Broad knowledge of storage technologies, local storage, Arrays, SAN's, IP-Storage, NAS, File Systems.

• Broad knowledge of cloud infrastructure and associated security controls.

• Basic knowledge of financial models and budgeting.

• Strong verbal and written communication skills, as well as excellent organizational skills.

• Excellent interpersonal skills in areas such as teamwork, facilitation, and negotiation.

• Excellent analytical and technical skills.

• Ability to understand the long-term ("big picture") and short-term perspectives of situations.

• Ability to apply multiple technical solutions to business problems.

• Ability to quickly comprehend the functions and capabilities of new technologies.

• Relies on extensive experience and judgment to plan and accomplish Enterprise objectives.

• Must have the ability to work with individuals of all levels with varying technical skills.

• Ability to work under pressure with minimal supervision, managing multiple projects simultaneously.

Preferred Certifications:

o CISSP

o CISM

o GIAC Security Leadership Certification

Personal Characteristics:

• Enthusiastic about problem solving and servicing the customer

• Must be a team player

• Ability to interface and communicate well across all departments of the organization

• Must have personal commitment to excellence and integrity

• Exhibits strong personal and moral character

• Comfortable working with executive level management internal and external to KKD

• Excellent oral and written communication skills

• Excellent documentation skills

• Highly organized, detail-oriented, and ability to meet deadlines

• Ability to manage multiple projects

• Customer-focused with the ability to remain positive & professional in is a fast-paced stressful environment

• Dependable, flexible, with a strong work ethic

• Strong troubleshooting skills in order to quickly resolve problems

• Commitment to follow up promptly to e-mail and voice mail communications from KKD and franchise personnel

• Willingness to have a “whatever it takes” attitude regarding working nights and weekends when required

• Ability to present conceptual information to all levels of management

Skills:

Information security, Risk management, Security policy, Security architecture, IT Security Management, cyber security, Endpoint security, Vulnerability management, Compliance, Vulnerability assessment, Firewall, Siem, Incident response, Cissp, It security, NIST

Top Skills Details:

Information security,Risk management,Security policy,Security architecture,IT Security Management,cyber security,Endpoint security,Vulnerability management,Compliance

Additional Skills & Qualifications:

PCI Compliance

SOX Compliance

NIST - They are not there yet, but working towards bringing in the NIST Framework into the environment

IAM would be a big help

BC/DR

Experience Level:

Expert Level

About TEKsystems:

We're partners in transformation. We help clients activate ideas and solutions to take advantage of a new world of opportunity. We are a team of 80,000 strong, working with over 6,000 clients, including 80% of the Fortune 500, across North America, Europe and Asia. As an industry leader in Full-Stack Technology Services, Talent Services, and real-world application, we work with progressive leaders to drive change. That's the power of true partnership. TEKsystems is an Allegis Group company.

The company is an equal opportunity employer and will consider all applications without regards to race, sex, age, color, religion, national origin, veteran status, disability, sexual orientation, gender identity, genetic information or any characteristic protected by law.

Contact Information

Recruiter: Jean Chambers

Phone: (410) 579-3072

Email: jchambers@careercircle.com

Related Courses

Blog