Senior Information Security Manager - Nationwide Relocation

Location: San Luis Obispo, CA
Date Posted: 07-13-2017
Job description:

The Senior Security Manager is a hands-on role involving managing team in designing, deployment and support of complex security products to ensure that our applications and infrastructure are implemented to the highest standards thus maintaining and enhancing customer trust.

The Security Manager‘s responsibilities include security system deployments, configuration, monitoring and reporting. This position will have a lead role in performing vulnerability assessments, security testing, and working with security and development teams on remediation and mitigation of findings.

The Security Manager needs experience in providing architecture support of the security infrastructure. The Security Manager will need to work collaboratively with other team members and with external information security technology vendors to identify advanced threats and prevent compromise. The Security Manager will be engaged in critical decisions involving risk, incident response, and security process improvements in critical infrastructure that require unwavering integrity and moral character. The Security Manager will participate in security audits, risk analysis, vulnerability testing and security reviews on many elements of our systems.

  • Manage team of highly skilled security professionals with strong team dynamics.
  • Experience with analyzing, troubleshooting, and investigating security-related anomalies based on security platform reporting, network traffic, log files, host-based and automated security alerts
  • Experienced with maintaining, configuring, and analyzing network and host-based security platforms
  • Experience with some or all of the following: TCP/IP | OSI Model, system logs (WMI, syslog, etc.), antivirus, IDS/ IPS, packet analysis, configuration standards, Group Policy, Vulnerability analysis, Event Correlation, Forensics, IDS/IPS, rule sets and signature creation, web application security, pen-testing, reverse engineering, Honeypots, IOC, advanced threat detection, code analysis. Data Loss Prevention (DLP), Log Indexing and Correlation platform, Network Access Control (NAC), Physical access control systems
  • Identify security issues and risks, and develop mitigation plans
  • Evaluate, Architect, design, implement and support security-focused tools and services including project leadership roles
  • Develop and interpret security policies and procedures
  • Mentor members of the team
  • Participate in security compliance efforts (e.g., PCI, DSS, SOX)
  • Develop and deliver training materials and perform general security awareness and specific security technology training
  • Acquisition and vendor risk assessment due diligence
  • Evaluate and recommend new and emerging security products and technologies
  • Participate in incident handling
  • Participate in projects that develop new intellectual property
  • Evangelize security within Company and be an advocate for customer trust
  • Maintain and update relevant system and process documentation and develop ad-hoc reports as needed
  • Provide reoccurring reports for network and host-based security solutions
  • Experienced with the development of security tool requirements, trials, and evaluations, as well as security operations procedures and processes
  • Successfully manage time and technical responsibilities, set accurate expectations and meet deliverable deadlines while working in a team environment
Strategy & Planning:
  • Evaluate documented resolutions and analyze trends for ways to prevent future problems
  • Research and recommend innovative, and where possible, automated approaches for system administration tasks
  • Identify approaches to solutions that leverage our resources and provide economies of scale
  • Keep current with the latest technologies
Project Management:
  • Organize and lead projects based on stakeholder requirements
  • Manage project milestones and deadlines
  • Communicate effectively across groups to accomplish project tasks

  • A minimum of 7-10 years IT experience; at least 5 of those years focused on IT security, infrastructure or application- level vulnerability testing and auditing, and/or network security, at least 3+ years managing direct reports
  • Experience using Microsoft Office and Visio to create documents, presentations, and detailed drawings
  • Comfortable working on both Linux-based, MS Windows-based and OSX-based system platforms with a strong IT technical understanding and aptitude for analytical problem solving
  • Strong understanding of enterprise, network, system and application level security issues
  • Understanding of enterprise computing environments, distributed applications, and a strong understanding of TCP/IP networks
  • Knowledge of network and web related protocols (e.g., TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing protocols)
  • Understanding of the system hardening processes, tools, guidelines and benchmarks. Strong experience and detailed technical knowledge in security engineering, system and network security, authentication and security protocols, cryptography, and application security
  • Experience managing multiple technology projects simultaneously
  • Knowledge of Linux, Windows, OSX systems
  • Working knowledge of a range of diagnostic utilities
  • Exceptional written and oral communication skills
  • Exceptional interpersonal skills, with a focus on rapport-building, listening, and questioning skills
  • Strong documentation skills
  • Working knowledge of industry-specific regulations (ITIL v3, AT101, SOX, PCI, HIPPA) required
  • Bachelor’s degree in Computer Science, Information Technology or related field or a combination of education and experience
  • Any of the following: Juniper Network Certified Network Associate (JNCIA-Junos), Juniper Network Certified Specialist Security (JNCIS-SEC), Juniper Network Certified Professional Security (JNCIP-SEC), Juniper Network Certified Expert Security (JNCIE-SEC)
Personal Attributes:
  • Ability to conduct research into a wide range of computing issues as required
  • Ability to present ideas in user-friendly language
  • Highly self-motivated and directed
  • Ability to effectively prioritize and execute tasks in a high-pressure environment
  • Exceptional customer service orientation
  • Experience working in a team-oriented, collaborative environment
  • Have a strong desire to learn continually and grow professionally

this job portal is powered by CATS