Sr. Manager, Cyber Security Operations
Location: Woodcliff Lake, NJ
Job Type: Direct-hire/Full-time
Compensation: $135-$160,000 + Bonus
Job ID Number: DR9919072505
In a newly established role, we are seeking an experienced, energetic, and innovative leader for our Senior Manager - Cyber Incident & Vulnerability Management position. This role reports directly to the Head of IT Compliance, which consists of IT Security, Privacy, Quality, and Information Governance. This is a fantastic opportunity for an ambitious individual seeking to envision, define, build, and operate two key areas of security operations in a dynamic and growing company. This position is a key diplomat to the rest of the IT organization, and requires coordination with global counterparts in Europe and Asia. The position consists of two main areas of responsibility:
First, this role develops and leads the Cyber Incident Management program. In partnership with key IT and business stakeholders, this leader will envision the future of incident management, redefine our mission, objectives, and stakeholder management, and define a roadmap to support business objectives. In addition to the strategic role, this individual will handle the tactical, day-to-day management, development, and oversight of tools and processes relevant to managing the life cycle of cyber events, incidents, and breaches.
Second, this role is responsible for developing and leading the Vulnerability Management program. This includes establishing mission, objectives, stakeholder management, roadmap, and policy development. This role will manage the day-to-day aspects of vulnerabilities, which includes configuration of tools and processes to manage the life cycle of vulnerabilities in the company’s computing environment.
The person chosen for this role will be a key leader and trusted advisor in the IT department, working closely with internal and external IT providers. Outside of IT, this role will play an important diplomatic role: raising awareness, arranging response exercises, being a trusted point person during event triage, and conducting post-mortem readouts for various levels of leadership.
Required Education, Knowledge & Experience:
- BA/BS in Engineering, Computer Science, or Information Security.
- 2+ years’ experience configuring and using IBM QRadar.
- 5+ years working in IT Security, 3+ years working in an incident response team, 3+ years team leadership (security or non-security).
- Experience in program management, goal/mission/objective setting, aligning with stakeholders, driving outcomes.
- Experience with risk management principles and operationalizing risk management approaches.
- Working knowledge of NIST 800-53, ISO 27001/27002, Sarbanes-Oxley (SOX), and SOC standards.
- A passion for security, and a passion to envision, define, drive, and operate a critical function with high business value.
- Organization skills with the ability to multi-task and identify priorities, work with cross-functional global teams, and execute on schedule while managing long term strategic vision.
- Strong verbal and written communication skills, tailoring the context of the conversation to the audience (technical or non-technical). Excellent report writing and presentation skills.
- Calm, stable presence in chaotic and demanding situations such as high-impact security events. Ability to think on your feet and provide alternate paths to desired outcomes.
- Ability to demonstrate analytical expertise, close attention to detail, excellent critical thinking, logic, and solution orientation, and to learn and adapt quickly.
- Working knowledge of common attack vectors and penetration techniques.
- Experience analyzing system and application logs to investigate security and operational issues.
- Demonstrated experience establishing a managed SIEM function, data flows, use cases, tuning, event investigation, and triage.
- Strong knowledge of current enterprise detection and monitoring technologies and processes.
- Ability to work in an "on call" status as needed to handle urgent incident activities at any time of day or night.
- Fluent in the latest threat detection technologies, application security technologies, and analytics toolsets.
- Experience working in a managed service provider (MSP) environment; ability to devise and track KPIs with the MSP.
Desirable Knowledge & Experience:
- Working knowledge of privacy laws (GDPR, CCPA, Massachusetts Data Protection Law).
- Experience with IBM security tools (Resilient, etc.), Qualys, Palo Alto.
- Work experience in a global company with global responsibilities.
- eDiscovery experience highly desirable.
- Pharmaceutical GxP knowledge/experience.
- CISSP, CISM, CHE or equivalent, relevant certification from a recognized body (e.g., SANS, ISC2, ISACA).
- Exposure to forensic media analysis and log file analysis.
- Coding/Scripting in any major language (.NET, Java, Python, Ruby, PowerShell, AWK, SED, Unix Shell Scripting).
- Advanced knowledge of network protocols and operating systems.
- Windows and Linux administration tools and concepts.
- Identify trends in machine learning, heuristics, and big data for security incident and event management.
- Exposure to eDiscovery and familiarity with Legal Hold and eDiscovery process flow.
US Citizens and those authorized to work in the US are encouraged to apply. We are unable to sponsor any candidates at this time.