Security Operations Lead

12+month renewable / 75-80hr / Security Operations Lead

The Security Operations Lead leverages extensive experience in information systems and security to implement and manage security systems and practices that adapt to changing threats over the long term. The Security Operations Lead oversees the Security Operations Center, Incident Response and the Posture Management program, and works closely with other IT practice leads to ensure security standards are implemented across the organization.

Candidate must have strong hands-on technical background, and quality experience managing Security Operations organizations.
Candidate must be highly collaborative and is expected to mentor and partner effectively with SecOps and other teams on an ongoing basis.

Position Responsibilities

• Contributes to the development and maintenance of the Information Security Strategy and related roadmaps.
• Works closely with other IT managers and staff to ensure that security is appropriately addressed in the implementation and operation of all IT services, systems and platforms.
• Maintains deep expertise in the growing body of IT security vulnerabilities, threats, exploits and mitigations.
• Serves as lead engineer supporting Security Operations and Incident Response.
• Owns and manages the Security Operations and Incident Response organization, systems and services.
• Owns and manages the Posture Management program.
• Evolves the SecOps services in response to audits, penetration tests and other relevant inputs.
• Manages service delivery and service levels through approved outsourced service providers.
• Maintains collaborative, collegial SecOps culture.
• Manages SecOps staff, balancing career goals with department needs.
•  

Experience/Skills ( 10+ yrs )

• Extensive experience managing Security Operations org and services ( SOC, Vulnerability Mgt, Incident Response, etc… )
• Extensive expertise in NIST and ISO 27000 security practice frameworks.
• Extensive hands-on experience with security infrastructures ( e.g. Firewalls, IDS/IPS, VPN, Web Content Filters, Proxies, DLP, SIEM, Log aggregation and correlation technologies )
• Experience / expertise with Splunk or Sentinel
• Proficiency with scripting / programming languages ( e.g. Python, Ruby, Powershell )
• Experience securing and managing Cloud infrastructures (e.g. Azure, AWS, GCP )
• Familiarity with international data privacy regulations and best practices.
• Demonstrable expertise with configuration automation practices and toolchains (e.g. Chef, Puppet, Ansible, etc…)

Education:

• Bachelor's or master's degree in computer science, information systems or other related field, or equivalent work experience.
• Professional security management certification, such as a ISC(2) Certified Information Systems Security Professional (CISSP), SANS GIAC Information Security Professional (GISP), GIAC-Security Expert (GSE), or GIAC Certified Enterprise Defender ( GCED )