The Senior Manager, Security Operations will help ensure the ongoing integration of information security with business strategies and requirements across a broad spectrum of business initiatives to enhance our culture of security. This individual will be responsible for providing the strategic direction of the security operation program to support our on-prem and cloud environments with the intent of ensuring that the company's digital assets are protected from unauthorized access through the design, implementation and maintenance of a robust Security Operations program. This individual will lead a team of technical staff performing activities such as: monitoring and analysis, security incident management, threat intelligence & hunting, non-compliance reporting and user activity monitoring in accordance with organizational policies and procedures.
Ideal candidates will have strong backgrounds in cloud technologies, automation and scripting and security administration. Must be a US citizen with ability to prove citizenship.
Accountabilities
- Provide leadership and direction for day-to-day activities across the Security Operations Center (SOC)
- Drive implementation and improvement of new tools, capabilities, frameworks and methodologies across all teams within the SOC
- Accountable for the timeliness and efficiency of identification, isolation, mitigation and reporting of critical incidents by the SOC
- Promote and drive implementation of automation and process efficiencies, considering continual improvement and technical advances
- Positively influence morale via coaching and leadership of a team, while demonstrating a strong positive attitude
- Communicate to a wide range of internal and external security stakeholders
- Translate issues into solutions, identify risks and impacts, and facilitate management decision-making
- Guide efforts with key stakeholders to assess security threats and establish new control measurements and alerting criteria to maintain operational efficiencies
- Manage issue identification and collaborate with internal customers, operations staff and management to determine resolutions and recommend alternatives to management to achieve desired department objectives based on findings and data available
- Drive team communication and outreach by maintaining relationships with peers and other security contacts
- Leverage experience to evaluate the adequacy, effectiveness and execution of our program, recommending and driving improvements or enhancements in alignment with internal strategies, industry best practices, standard security frameworks and regulatory guidance
- Develop and manage team tools, applications and processes to strengthen and optimize team capabilities, as well as identify gaps or technical solutions to further enhance the team's effectiveness
- Perform other duties as assigned
Qualifications
- 10+ years of Information Security or Technology experience with at least two years of management experience
- Advanced knowledge in planning, directing and managing Computer Incident Response Teams/SOCs
- Experience in network, host, data and/or application security in multiple operating system environments; experience with administration of on-prem and cloud based SIEM technologies; experience with user and entity behavior analytics, security orchestration, automation and response (SOAR), threat intelligence platforms and tools
- Experience with cloud-based security technologies across multiple cloud platforms
- Experience working with IP networking, networking protocols and understanding of security related technologies including encryption, IPsec, PKI, VPNs, firewalls, proxy services, DNS, email and access-lists
- Experience migrating applications and security tools from on-prem to cloud
- Advanced knowledge of collaborating with vendors to research and evaluate emerging cloud technologies, proactively recommend improvements and plan implementation of new technologies
- Advanced knowledge of compliance and governance initiatives to support InfoSec including industry standards and legal and regulatory frameworks (e.g., ISO, NIST, PCI-DSS)
- Excellent skills in setting, communicating, implementing and achieving business objectives and goals through the direct and indirect leadership of others
- Excellent communication (verbal and written); interpersonal; customer service and presentation skills with the ability to interact with all levels of management to convey cybersecurity and risk management best practices
- Big picture thinker with the ability to translate into actionable efforts
- Excellent organization/project planning, time management and change management skills across multiple departments with the ability to perform delegation skills involving prioritizing and reprioritizing projects and managing projects of various size and complexity
- Excellent problem-solving experience involving leading teams in identifying, researching and coordinating the resources necessary to effectively troubleshoot and diagnose complex project issues
- Security certifications, such as CEH, CompTIA Network+, CWAPT Certified Penetration Tester, Certified Reverse Engineering Analyst, Security+ or CISSP
LexisNexis, a division of RELX Group, is an equal opportunity employer: qualified applicants are considered for and treated during employment without regard to race, color, creed, religion, sex, national origin, citizenship status, disability status, protected veteran status, age, marital status, sexual orientation, gender identity, genetic information, or any other characteristic protected by law. We are committed to providing a fair and accessible hiring process. If you have a disability or other need that requires accommodation or adjustment, please let us know by completing our Applicant Request Support Form: https://forms.office.com/r/eVgFxjLmAK .
Please read our Candidate Privacy Policy.