Manager, Cyber Security

OVERVIEW

 

The Company

 

Common Securitization Solutions (CSS) is seeking an experienced Manager, Cyber Security to join our team of talented professionals. This is a full-time remote opportunity. 

 

CSS built and operates the largest and most advanced mortgage securitization platform in the world, supporting the Uniform Mortgage-Backed Security (UMBS) of Fannie Mae and Freddie Mac.

 

Supporting 70% of the mortgage-backed securities in the market, CSS provides best-in-class single-family issuance, bond administration, disclosure, and tax services. We support a broad portfolio of products for our clients with full lifecycle management.

 

Our market-leading, cloud-based, end-to-end platform executes transactions on an extraordinary scale which has bolstered liquidity in the secondary mortgage market, one of the largest and most important financial markets in the world. Our unique approach to securitization combines the best minds in financial services with the know-how, flexibility, and innovation of leading technologists.

RESPONSIBILITIES

 

Job Information

The Manager, Cybersecurity Defense, will be responsible for providing leadership and managerial support of all Cybersecurity Defense analysts through feedback, goal reviews, and support the priorities and goals across the infosec space.  Additionally, the role will be to directly provide operational support of the CSOC through providing key Threat Intelligence, Detection and Response Services for the CSP. The ideal candidate will be a Cyber Security specialist with strong background in threat intelligence and analysis, security monitoring and Incident Response for a cloud-based services environment and substantial experience managing Cyber security operation teams. A well-qualified candidate will be comfortable working with management to educate on cyber threats and handle sensitive matters.

 

Key Job Functions

• Work with leaders from Infosec and other area to support team planning, business and other organizational priorities.
• Provide leadership to cybersecurity analysts through day-to-day feedback, coaching, and review of performance against defined goals and activity. 
• Support the Cybersecurity Sr. Director in tackling issues, priorities, and engaging with stakeholders across CSS to represent cybersecurity, information security, as well as addressing risk from multiple perspectives. 
• Perform threat and vulnerability assessment and provide subject matter expertise on appropriate threat mitigation.
• Identify intrusion activity by leveraging alert data from multiple sensors and systems and determine priority for response.
• Leverage threat intelligence e.g. FSISAC, while actively monitoring critical financial services infrastructure.
• Assess the impact of potentially malicious traffic on company network and infrastructure.
• Perform in-depth analysis in support of network monitoring and incident response operations.
• Perform live incident response (reactive and proactive incident management) by identifying and remediating malicious applications and infrastructure components.
• Collaborate with other Information Security and IT team members to develop and implement innovative strategies for monitoring and preventing attacks.
• Develop and support appropriate metrics to measure the monitoring program and related process.
• Develop, test, and deploy new correlation content and use cases using SIEM filters, rules, data monitors, active lists, and session lists
• Conduct research of emerging security threats.
• Propose additional components and techniques that could be used to proactively detect and prevent malicious activity.
• Provide other services as a key member of the Cyber Security Operations Team: - Security review and administration of changes to networks, servers and end point devices in collaboration with network operations. - Security sensor policies for IDS/IPS, Firewalls, web security gateway, logging. -Investigations and Forensics.

QUALIFICATIONS

 

Education   

• Bachelor's Degree or equivalent required.

Minimum Experience  

• Minimum 10 years of related work experience in Cybersecurity.
• Minimum 5 years in cybersecurity engineering experience.
• Applicants must be authorized to work in the US without requiring employer sponsorship currently or in the future. CSS does not offer H-1B sponsorship for this position.

 

Specialized Knowledge & Skills     

• Experience managing a team of Cyber Security professionals within a security operation center environment.
• Experience leading a team of Cyber Security professionals or analysts in a SOC/NOC environment.
• Experience working and managing cybersecurity tools, applications, as well as implementing and engineering cybersecurity applications.
• Solid understanding of cloud based critical infrastructure systems security threats.
• Deep experience with Cyber Security in the domains of cyber threat intelligence and analysis, security monitoring and Incident Response for a cloud-based services environment.
• Familiarity with latest security vulnerabilities, advisories, incidents, penetration techniques, understanding of attacks, and determination of countermeasures.
• Detailed experience of network and system vulnerabilities, malware, networking protocols, multi-tiered applications, and attack methods to exploit vulnerabilities.
• Experience in a technical security role, including network security, operating system security, Internet or Web security, Data Loss Prevention (DLP), anti-malware, IDS/IPS, and penetration and vulnerability testing.
• Strong knowledge of networking fundamentals such as TCP/IP and basic packet analysis.
• Candidate must have a working knowledge of network engineering and local and wide area (LAN/WAN) technologies and topologies.
• Must have experience with security and monitoring tools (i.e. - Log management, e.g. Splunk, Firewall management, e.g. Fortinet, IDS/IPS, SIEM, etc).
• Knowledge and experience in Windows / Linux Operating Systems, baseline security configurations, audit, forensics, Patch Management for these OSs.
• Experience developing Standard Operating Procedures (SOPs), job aids, and hands-on training materials.
• Be able to work in fast paced environment with occasional on-call activities.
• Excellent interpersonal skills, presentation skills, and verbal / written communication skills.
• Self-starter; adaptable to change; motivated to set personal and program goals and pro-actively track performance against goals and initiatives.
• Ability to manage multiple priorities - projects, deliverables, and stakeholders.
• Ability to influence peers and management; ability to team cross-functionally and form relationships to achieve objectives.
• Active in the security industry; equipped with external networking relationships to maintain relevant knowledge of best practices, tactics, strategies and technologies.
• CISSP, CISM Certification desired.

 

Pay Range $156,500 to $181,000

CSS's pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) a candidate's qualifications, skills, competencies, and experience, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.  CSS offers a competitive total compensation package, which includes a performance bonus, 401k match, healthcare coverage, PTO, and a broad range of other benefits.

 

Employment

As a condition of employment with Common Securitization Solutions, any successful job applicant will be required to  successfully complete a background investigation, which may also include a credit check for positions in some areas of our business.   

     

Common Securitization Solutions is an Equal Opportunity Employer.

 

##LI-Remote

Employment Type: FULL_TIME