Our client is actively seeking an Information Security Operations Manager to join their team in the North Orlando area. In this role you will be responsible for the Security Operations Center that monitors and responds to cyber-attacks. You will drive the rollout of a robust security operations program across all technology platforms, secure rapid delivery of business value, and manage a security technologies team in protecting information assets.
- Safeguard information system assets and data by continuously monitoring security controls, analyzing threat indicators, and orchestrating the remediation of security events.
- Oversee all phases of Security Operations Center's (SOC) multi-year strategy, event monitoring, cyber-threat intelligence, security investigation, and delivery of information security services.
- Direct all activities within the security Incident Response Plan (IRP) or breach investigation to include detection, triage, analysis, containment, recovery, and reporting.
- Lead security technology controls implementation projects and provide hands-on support and reporting of security Key Performance Indicators (KPIs).
- Manage SOC vendor relationships, tools deployment and maintenance, and be accountable for internal/external audits of the SOC.
- Enhance and maintain technology operations including Intrusion Detection/Prevention Systems (IDS/IPS), Identity and Access Management (IAM), Vulnerability and Threat Management (VTM), Endpoint Detection and Response (EDR), Advanced Threat Protection (ATP), messaging gateway, and application security services.
- Implement and support 24x7 security services and programs including Cloud Access Security Broker (CASB), User Behavior Analytics (UBA), and Security Information and Event Management (SIEM).
- Identify security risks and exposures, determine the causes of security violations, implement solutions to halt security incidents, and analyze adversary tactics, techniques and procedures (TTPs).
- Coordinate application security, systems and web services vulnerability resolution through automated tools or manual techniques, informed by attack classes such as the OWASP Top 10.
- Ensure the ongoing integration of information security with business process, requirements, and compliance.
- Develop, measure, analyze, and maintain the internal/external service metrics for Security Operations and timely reporting to leadership teams.
- Manage threat-hunting efforts to minimize security exposures by examining infrastructure, devices, processes and procedures, identifying security flaws, and following up with prompt remediation based on control analysis.
- Develop techniques and procedures for conducting cyber security risk assessments and compliance audits, and for the evaluation and testing of hardware, firmware and software for possible impact on system security.
- Supervise the administration and support of daily operational activities and processing of end-user security requests.
- Participate in risk assessments, compliance requirements, and the development of risk management plan.
- Partner with IT support, Development Operations, Legal, and Procurement teams to ensure the company's interests are appropriately accounted for in contractual language and technology services that enforce privacy and security considerations.
- Respond to a range of ad-hoc security consulting requests, including supporting teammates with security-related projects, tuning threat signatures, and developing automation scripts.
- Mentor and train direct reports and co-workers on all aspects of the SOC program build and evolution.
- Work on-call shifts and conduct timely security investigations.
- Work independently with minimal guidance.
- Perform any and all duties assigned by the supervisor.
Education and Experience:
- Bachelor's degree in Computer Science, and
- Ten (10) years' security experience, or
- Five (5) or more years of Security Operations Center (SOC) or Security Engineering management, and
- At least one of the following certifications: CISSP, CISM, GCIH, CEH, AWS, Microsoft, or equivalent certifications.
- Hands-on experience managing SIEM (Security Information and Event Management) solutions and log management technology such as Splunk, Rapid7 or LogRhythm.
- Versed in managing Privileged Access Management (PAM) solutions and technology such as CyberArk, BeyondTrust or Thycotic.
- Skilled in deploying and supporting cloud-based security solutions and infrastructure such as Microsoft, Netskope or Proofpoint.
- Direct experience in technologies including Routing, Switching, Firewalls (network and application), Intrusion Detection/Prevention Systems, Advanced Persistent Threat (APT) protection, Directory Services, cloud and hybrid technology (SaaS), vulnerability and remediation management, Endpoint Detection and Response (EDR), Data Loss Prevention (DLP), Web Security Gateways and Email Security.
- Experience with frameworks and security controls: NIST Cybersecurity Framework, NIST SP 800-53, ISO 27001 and SANS Top 20.
- Direct experience administering security programs against the following standards, laws and regulations: PCI-DSS, CCPA or GDPR.
- Experience managing large, enterprise level projects.
- Excellent written and oral communication skills.
- Excellent critical thinking and analytical skills.
- Sense of ownership.
- Ability to manage time and multi-task effectively across multiple projects.
Why Work Here? Founded on the idea that you wanted something better, Kolter's approach to the customer experience, delivering superior service, and striving for integrity beyond reproach has fostered a special environment. We're proud of the services we provide, and we're proud of our team!
Great company with excellent benefits and world class training in a fun, flexible, and enjoyable working environment!