a dynamic information technology staffing firm

Careers - Job Details

Cyber Security Manager

Summary:
BGI has the following full time, remote position available
 
Job ID/Number:
202212-2338
 
Posted Date:
9/1/2023
 
Job Location:
Remote
 
Position Type:
Full-time
 
Division:
Information Technology
 
Description:
Cybersecurity Manager
 
This position manages the daily operations of our security team. This includes management of our client's internal data governance, security products/ platforms and policies and procedures. The Security Manager will also take the lead on proactive investigation into new security standards and products to improve their internal and external (customer-facing) security postures, manage risk and optimize our management efficiencies. This position will also be responsible for cyber-incident response management, including working alongside our security partners (and any client-retained third-party incident response/forensic investigators).
 
 
 
Responsibilities
Security Team Management and Standard Operating Procedures (SOPs).
 
o  Define, document, manage and continually refine security team SOPsOptimize security management tools to maximize efficiency/efficacy
 
o  Once established, manage ongoing cybersecurity compliance activities, including scheduling and/or performance of controlled assessments
 
o  Identify opportunities for process improvement in detection, triage, task assignment, scheduling, coverage and efficiency
 
o  Provide input for information security policies, standards, processes, and procedures based on business requirements, risk tolerance and industry best practices
 
Advancing Atlantic’s Internal and External Security Products/Services.
 
o  Remain current on emerging security technologies, testing and deployment processes.
 
o  Recommend and implement proper security platforms for clients based on client demographic profiles (e.g. regulatory compliance needs, technologies, etc.)
 
o  Evaluate, anticipate and prevent threats (including new cybersecurity threats) through research and develop effective security controls, including disaster recovery
 
o  Design standards for implementation and support of complex security technology platforms
 
Internal Systems
 
o  Implement managed security services solutions for internal systems & networks
 
o  Advise on design, implementation and maintenance of effective information security controls
 
Education and Presentations
 
o  Train and manage direct staff on SOPs and security risk and mitigation strategies
 
o  Assist in designing programs to educate technical staff on security products, processes and related relevant considerations technical team support responsibilities
 
o  Collaborate with the Sales and Marketing teams on security opportunities (including customer-facing engagements). Present security offerings to clients and internal staff
 
Audits/Incident Responses/Questionnaires
 
o  Perform security reviews and identify security gaps in security architecture resulting in recommendations for inclusion in the risk mitigation strategy
 
o  Evaluate potential security breaches, coordinate response and recommend corrective action, including working with third party incident response teams and providing updates to key stakeholders.
 
o  Design processes and template around security compliance questionnaires.
 
o  Where necessary, assist to complete security compliance questionnaires (internal and external
 
Validate intrusion detection system (IDS) alerts against network traffic using packet analysis tools[JW1] 
 
 
 
Personnel
 
o  Recruits, retains, and motivates highly-talented staff and balances the need to allocate tasks efficiently with the need to keep talent engaged, challenged, and growing
 
Metrics
 
o  Develop and maintain the appropriate metrics (KPIs) to track and report on performance, produce and disseminate monthly metrics / scorecards for management review
 
Qualifications
  • Bachelors degree from an accredited institution, with degree preferred in Computer Science or Information Technology Systems Security or related field
  • Minimum of 5 years (within the last 7 years) of experience in Cybersecurity.
  • Excellent working knowledge of security administration and information technology governance in a multiplatform environment
  • Demonstrated ability to lead security projects, including working with highly effective cross-functional teams
  • Experience with regulatory and industry standards such as PCI, CCPA, NIST Framework, CIS 20, etc.Experience establishing cybersecurity and risk metrics for reporting
  • Strong emotional intelligence with demonstrated sustained leadership in an organization or customer base including multiple stakeholders.
  • Demonstrated management skills in budget development, administration, policy development and implementation, personnel administration, and staff training and development
  • Exceptionally effective oral and written communication skills
  • Thorough understanding of systems architecture and design for Intrusion Detection/Prevention, Virtualization, and Cloud deployments
  • Ability to work in a high-pressure environment with changing priorities
  • Required certifcations include CompTIA Security+, Microsoft Certified: Security Operations Analyst Associate
  • CompTIA Cybersecurity Analyst (CySA+), CompTIA Advanced Security Practitioner (CASP+) and Microsoft Certified: Azure Security Engineer Associate a plus[JW2]
  • CISM and CISSP certifications a plus
  • Managed Service Provider background is a plus
 
 
 
close (X)