Information Security Operations Lead/Manager

Carmel Office•Carmel, IN

17h•Hybrid

About The Position

enVista is seeking an Information Security Operations Lead or Information Security Operations Manager. This position will play a key role in the growth of enVista’s Information Security team. The successful candidate will be responsible for day-to-day operation of enVista’s Information Security tools and technologies. At the Manager level, the successful candidate will also have people leadership responsibilities and oversee initiatives to formalize security operations practices and drive efficiency through automation. The successful candidate will be comfortable with daily hands-on engagement with enVista’s security tools and processes while collaborating closely with enVista’s Infrastructure and Modern Workplace teams. The successful candidate will work across all levels of the organization and with enVista’s customers to encourage a secure culture and drive optimal cybersecurity outcomes. At the Manager level the candidate will lead, develop, and mentor a small team of Security Analysts. The ideal candidate for the role should have a strong background in SIEM/SOAR operations, incident response, and solid interpersonal skills. This is more than just a cybersecurity role, it’s an opportunity to be a thought leader and change-maker at a pivotal time in enVista’s journey. We are investing in our people, systems, and future, and we’re looking for bold innovators who want to build with us.

Requirements

Bachelor’s degree in Computer Science, Management Information Systems, Information Security, Cybersecurity, or a related field. A combination of equivalent experience and certifications will also be considered.
7 – 10+ years leading or working in a Security Operations Center or Incident Response Team (Manager)
5 – 7 years working in a Security Operations Center or Incident Response Team (Lead)
At least one of the following certifications: Certified Information Systems Security Professional (CISSP), GIAC Security Operations Manager (GSOM), GIAC Certified Incident Handler (GCIH), Certified Information Security Manager (CISM), or Offensive Security Certified Professional (OSCP)
Experience leading information security incident response
Previous experience in implementing documented repeatable security operations processes
Experience working with Endpoint Detection and Response (EDR) toolsets, Managed Detection and Response (MDR) service providers, email security solutions, SOARs, and SIEMs
Experience with eDiscovery and information protection toolsets (e.g. Microsoft Purview)
General understanding of security technologies including vulnerability management solutions, firewalls, IDS/IPS, CASB, NAC, DLP, VPN's, SSE, endpoint management solutions, Privileged Access Management (PAM) solutions, and general network/security concepts
Experience with security automation technologies and scripting languages (Python, JSON, YARA, TAXI/STIX, etc.)
Prior experience working with Microsoft technologies including Active Directory (AD), Azure, Defender, EntraID, Intune, Purview, and Sentinel
Familiarity with other security and technology platforms including Okta, CISCO DUO, AWS, and GCP
Exposure to control and security frameworks, particularly the AICPA Trust Service Criteria (SOC2), ISO 27001, NIST CSF, and HIPPA/HITECH/HITRUST
Proficient with Microsoft Office Suite and Office365 (i.e., Teams, SharePoint)
Experience within a Managed Security Service Provider (MSSP) environment
Ability to communicate and drive for optimal security outcomes across all levels of the organization and engage with current and prospective clients
Excellent verbal and written communication skills
Remain current with emerging cyber security threats and advise relevant stakeholders on the appropriate course of action
This position will be manager of people
The successful candidate will be required to be present, in-person, Monday – Thursday in enVista’s Carmel, Indiana office

Responsibilities

Responsible for day-to-day coordination of Security Operations activities including ticket and request handling, incident triage, escalation, containment and remediation
Ensure all requests are tracked and handled with the corresponding level of urgency
Accept and resolve the most complex security incidents that cannot be resolved by the IT Operations Team or less experienced Security Analysts
Lead incident response investigations, coordinate response activities, and update leaders while maintaining confidentiality
Oversee the daily configuration and maintenance of core security tools including EDR, NDR, email security solutions, and SIEMs
Respond to requests for investigations including eDiscovery requests and configuring records retention
Establish and document repeatable security operations processes and procedures and ensure they are followed by the Information Security Team
Implement automation for repetitive security response and maintenance activities
Support associated security activities including security engineering, threat hunting, vulnerability management, penetration tests, and GRC processes
Participate in the process to on-board new clients to enVista’s managed security services
Frequent interface with vendors and service providers to ensure timely response to support requests and adherence to Service Level Agreements (SLAs)
Coordination of industry information sharing organization relationships
Development of Security Operations metrics and reporting to management
Lead, mentor, and develop a team of Security Analysts with an aim to scale-up in the future (Manager)
Temporarily lead the Information Security team in the Director’s absence (Manager)
Periodic travel to client sites, conferences, or industry events (Up to 20%)