Security Operations Manager

The person in this position will provide oversight for the Managed Security Service Provider (MSSP), Managed Service Providers (MSP), and a team of security analysts and contractors, to provide real-time, continuous cybersecurity monitoring and triage; uninterrupted event detection; incident analysis, coordination, and response; situational awareness; and implementation of solutions and controls to maintain a secure cybersecurity and information assurance posture.

Job Responsibilities:

- Manage a team with various skill sets to provide security operations across the Enterprise.

- Create and sustain a team environment.

- Ensure Managed Security Service Provider (MSSP) and Managed Service Providers (MSPs) meet all service level agreements, metrics, and deliverables.
- Manage communications and coordination with the Managed Security Service Provider (MSSP) and/or Managed Service Providers (MSPs) during incidents.
- Function as the primary contact for escalations and issue resolution with the Managed Security Service Provider (MSSP) and Managed Service Providers (MSPs).

- Maintain 24x7x365 situational awareness of the cybersecurity posture and threat landscape.

- Deliver expert advice and update KPIs regarding the security status of the FMC environment.

- Coordinate and provide various service reports on cyber-threat intelligence situation.

- Develop plans and procedures for security incidents, threat assessment and threat hunting.

- Diagnose and resolve any issues to ensure availability of security infrastructure and services.

- Provide guidance on the latest security practices, tools, and technology.

- Support the architecture, design, and administration of FMC’s Security Infrastructure.

- Maintain and oversee FMC’s Vulnerability Management Program.

- Provide project management, direction and leadership for security projects and initiatives.

- Plan, implement, and test security systems based on identified security requirements.

- Assess security risks and make recommendations to secure new applications and solutions.

- Engagement with senior IT staff to drive security decisions and implementation approaches.

- Assist in the development, implementation, and monitoring of security policies and controls.

- Review security reports and investigate suspected or actual security violations.

- Support audits to ensure compliance with required standards, procedures, and guidelines.

- Evaluate security products and/or procedures to enhance productivity and effectiveness.

- Provide direct support to the business and IT staff on security related issues.

- Advise functions on security policies and security issues regarding user built/managed systems.

- Work across teams and collaborate closely with peers to deliver security compliant solutions.

- Manage vendor relationships and maintenance/support contracts.

Required Experience:

- 8+ years of combined IT and security work experience

- 5+ years of experience with information security and any associated common information security frameworks such as NIST, ISO 27001, SOX, GDPR, etc.

- Experience working with a wide range of cybersecurity technologies such as endpoint protection; vulnerability management; intrusion detection/prevention systems; firewalls; SIEM; etc.

- Understanding of security issues, techniques, and implications across multiple computing platforms and/or operating systems.

- Knowledge of infrastructure networking, systems and/or operations.

- Familiarity of process and/or production control networks is a plus.

- Certifications in the information security domain and/or project management are desired.

Education:

- Bachelor's degree in computer science, computer engineering, management information systems, information technology, or a similar field.

- An equivalent combination of education, technical training, or work/military experience may be substituted for a degree.