Cyber Security Manager

Job Description – Security Incident Manager

The incumbent in this role applies advanced expertise for managing teams of Security Incident Response, manages team of individual contributors and/or technical leads providing subject matter expertise to functional project teams to deliver superior client satisfaction.

Security Incident Manager is responsible for understanding complex business information technology needs specifically focused on the information security infrastructure services in monitoring, investigating, and responding to security events. Plans, manages, and monitors operational/tactical activities of team for ensuring building and sustenance of a robust Incident Response team. Acts as people manager for Security Incident Response team for its deliverables; by advising enhancements to teams, by encouraging innovative methods adaption to prevent security vulnerabilities in diverse complexity scenarios. Provides guidance and prioritization to tasks, as well as assigning tasks and mentoring the team as needed. Provides long-term solutions to Information Technology needs, including protecting information and information systems from unauthorized access, use, disclosure, disruption, modification, perusal, inspection, recording or destruction.

Competencies:

• Applies mastery and recognized authority on relevant subject matter knowledge including technologies, theories and techniques to manage, monitor and improve team activities in solving common and complex business critical deliverables issue.
• Actively participates in various projects within team and across functions to ensure that business, function, and geography “customers” are included appropriately and ensures that they receive sufficient and timely communications.
• Solve complex security issues by recommending solutions and advising to team to build their capabilities for effective service/incident resolution.
• Develop, publish, and conduct table-top exercise and trainings with the security response teams.
• Monitors team’s work, guides and owns the implementation of best approach for ensuring superior performance standards and client delivery consistency for security process / playbook stabilization.
• Possess and demonstrates excellent planning and prioritization skills.
• Encourages and develops team by providing support and guidance for technical and process related advice to team members to provide effective and timely service resolution before escalation.
• Inculcates the feedback garnering from clients and auctioning accordingly, including advising subordinates to analyze problems and experiment with methods for arriving at best approaches.
• Frequently represents the organization to external customers/clients. Exercises significant independent judgment and decision-making within broadly defined policies and practices to determine best method for accomplishing work and achieving objectives.
• Exceptional communication skills (both verbal and written) and interpersonal skills to collaborate well and manage teams across teams, different groups and geographies seamlessly.
• Collaborates highly with cross-functional teams to mitigate critical security risks and ensuring a healthy operating environment where solution alternative can be brainstormed.
• Promotes security best practices found in working with one business/function/geography to other business and function organizations.
• Keen eye for attention to detail and self-driven approach to identifying and solving problems.
• Provides technical leadership among a global team of highly skilled security analysts/subject matter resources.
• Responsible for assessing information risk and facilitates remediation of identified vulnerabilities for IT security and IT risk across the enterprise.
• Identifies opportunities to reduce risk and documents remediation options regarding acceptance or mitigation of risk scenarios.
• Subject matter expert to answer questions and create resolutions using experience, best practices, and sound judgment.
• Conducts risk assessments and interviewing internal and external customers, to gain technical knowledge of security/compliance requirements and to support the business.
• Responsible for security audits and testing. Evaluates system security configurations to ensure efficacy and compliance with policies and procedures.
• Analyzes threats and current security controls as well as current team procedures/processes to identify gaps in the company’s security posture.
• Act as Incident Commander during critical incidents, coordinating all incident response activities, providing communications to senior management, and managing local resources as part of the response process.
• Mentor’s other analysts across the team, leading by example and insisting on high standards.
• Ensures procedural documentation of team functions are updated on a routine basis.
• Anticipates, identifies, and escalates appropriate issues to Manager/Director.
• Provides reports or data points as input to senior management on function-wide metrics and performance as well as provide input to KRI and KPI reporting, reports up on areas of opportunities and/or concerns.
• Ensures compliance with information security standards, policies, and procedures.
• Communicates and implements industry best practices and solutions employed in the information security space.
• Creative self-starter who can think through a task from start to finish and has the technological vision to support the operational and security needs of the enterprise.

What You’ll Bring

• Operational excellence in Security Managements tools and applications –

Intrusion Prevention System:

Network security: next-gen firewalls, cloud security group, ACLs

Logging and monitoring: SIEM and Cloud Access Security Broker (CASB)

Endpoint security: Antivirus, DLP and host compliance

Azure/AWS cloud services and infrastructure

• Good knowledge of cryptography, application security, access control, malware, exploits and vulnerabilities.
• In-depth technical knowledge and experience in cyber security threats, security controls, investigation, hardening and best practices.
• Ability to effectively convey complex issues and communicate to a variety of audiences including technical staff, peers, as well as senior management, and oversight bodies.
• Knowledge of technical infrastructure, networks, databases, and systems in relation to IT Security and IT Risk, Windows workstation and server administration experience
• Experience in product evaluation and managing vendor relationships.
• Experience managing projects with complex inter-dependencies, focusing on both long-range projects and immediate tasks.

Educational Qualification and Experience:

• Minimum of 15 years of formal education - Graduate / Postgraduate in Computer Science / Information Technology.
• Professional work experience between 10-13 and at least 6-8 years as a Lead / Team Lead for security incident response, utilizing industry leading network security monitoring technologies, application, web, database and Security Event and Information Management (SIEM), IDS/IPS, endpoint, email security gateways and DLP technologies.

License or Certification

CISSP, CISP, CEH, CCNA, Splunk / CRIBL, OSCP preferred.

FAI is committed to create an environment that respects, supports and inspires all individuals. We do not discriminate on the basis of color, religion, sex, gender identity, sexual orientation and age. At FAI, we celebrate diversity and believe that an inclusive workforce benefits employees, the organization and our community. We are an Equal Opportunity Employer