About the Role: The IT Security team is responsible for the oversight and execution of cloud-first Information Security, Business Continuity and Risk Management programs to support our business goals. This includes, but is not limited to, security operations, vulnerability and patch management, incident response, disaster recovery, business continuity, risk identification and mitigation planning / implementation, identity management, network security, privacy, and compliance. In the Manager, Security Operations role, you will be working to help build and maintain security programs at a rapidly growing IT shared services company. You will report directly to the Chief Information Security Officer and be responsible for execution and oversight of day-to-day security monitoring and response, identification, and handling of security events, as well as executing numerous other security programs. This includes, but may not be limited to:
Responsibilities:
- Leading the company's Security Operations team made up of in-house resources as well as an external SOC provider
- Optimizing detection and response capabilities with a focus on automation
- Participation in monitoring, validating, classifying, and responding to SOC escalated security events
- Performing regular assessments on detection and response controls to improve the security posture and prevent regression
- Driving maturity of the company's security operations procedures including the Incident Response framework
- Leading and maturing the organization's Threat Hunting Program
- Conducting forensics and root cause analysis on escalated or repeat security events, as well as leading the build-out of a DFIR team under Security Operations
- Execution of vendor, infrastructure, M&A, and other security reviews as necessary
- Execution of periodic user access reviews on critical systems and data
- Driving identification and reporting of vulnerabilities and associated remediation
- Collection and presentation of key Security Operations Metrics
- Accurately assessing performance of direct reports and providing timely feedback and coaching to develop talent
Requirements:
- Bachelor's degree in Computer Science, Information Security, or a related field.
- 7-10 years of experience in Security Operations roles, preferably managing a Security Operations Center
- Strong Microsoft 365 and Azure background
- Microsoft Sentinel experience
- Possession of or ability to obtain professional certifications in information security or risk management, such as a CISSP, CISM, CEH, or forensic certifications.
- Strong knowledge of security, regulatory, and control frameworks, such as ISO 27001, HIPAA, GDPR, NIST, and CIS.
- Self-starter who demonstrates strong ownership of their domain and can benchmark the current state, propose improvements, and implement with little supervision
- Interpersonal and collaborative skills and the ability to communicate security and risk-related concepts to technical and nontechnical audiences.
- High level of personal integrity, and the ability to professionally handle confidential matters.
- Natural passion for security and strong drive to see both projects and investigations to completion
- Strong coaching and team building skills with the ability to motivate others through direct and indirect reporting relationships to achieve objectives.
It is impossible to list every requirement for, or responsibility of, any position. Similarly, we cannot identify all the skills a position may require since job responsibilities and the Company's needs may change over time. Therefore, the above job description is not comprehensive or exhaustive. The Company reserves the right to adjust, add to or eliminate any aspect of the above description. The Company also retains the right to require all employees to undertake additional or different job responsibilities when necessary to meet business needs.
Must be legally authorized to work in the United States without the need for employer sponsorship, now or at any time in the future.
Benefits & Perks:
- Time Off: 25 days of PTO for full-time employees and 12 company holidays.
- Company Paid Benefits: Life insurance, Short-term disability, Long-term disability, Paid parental leave, Employee Assistance Program, and medical insurance in our high deductible health plan.
- Optional Employee Paid Benefits: Medical insurance in our EPO plan, Dental benefits, and Vision benefits. We also offer Health Savings Accounts, Flexible Spending Accounts, Supplemental Life insurance, and more.
- 401(k): Eligible after 60 days. Discretionary company match of 50% up to the first 6% of contributions.
EQUAL OPPORTUNITY EMPLOYER
ALCORITY IS AN EQUAL EMPLOYMENT OPPORTUNITY EMPLOYER. THE COMPANY'S POLICY IS NOT TO DISCRIMINATE AGAINST ANY APPLICANT OR EMPLOYEE BASED ON RACE, COLOR, RELIGION, NATIONAL ORIGIN, GENDER, AGE, SEXUAL ORIENTATION, GENDER IDENTITY OR EXPRESSION, MARITAL STATUS, MENTAL OR PHYSICAL DISABILITY, AND GENETIC INFORMATION, OR ANY OTHER BASIS PROTECTED BY APPLICABLE LAW. THE FIRM ALSO PROHIBITS HARASSMENT OF APPLICANTS OR EMPLOYEES BASED ON ANY OF THESE PROTECTED CATEGORIES.