Security Operations Manager

About The Position

Requirements

• 5+ years of technical experience working in the Information and Cyber Security field required. 7-10 years preferred.
• 2+ years demonstrated success in managing a 24/7 security or technical operations team.
• 5+ years of overall people management preferred.
• Ability to analyze systems based on business and technical user stories/requirements to design solutions that best meet the overall objectives of stakeholders
• Ability to strategically analyze and articulate risks, benefits and opportunities associated with a proposed design or solution.
• Demonstrated ability to design and implement complex infrastructure, applications, networks and systems with the goal of meeting business and security objectives
• Demonstrated ability to design modifications to existing systems that improve security without compromising business objectives
• Ability to design complex information security systems that impact multiple domains across Service Operations and Software Engineering
• Ability to review and mentor the work of others in evaluating business objectives, detailing security user stories and generating technical specifications
• Champion information security throughout the organization
• Ability to estimate total costs of proposed solutions, including effort, acquisition costs and on-going costs

Nice To Haves

• Experience leading multiple large projects, leading definition, selection and implementation of security tools, technologies and processes.
• Hands-on experience implementing and administering information security, infrastructure and software systems.
• Experience evaluating potential solutions, selecting and recommending the best solution
• Experience producing design documents that are used by others to effectively implement solutions.
• Experience designing and implementing security technologies, such as IDS/IPS, SIEM, access controls, encryption and forensic tools.
• Experience managing vendor relationships.

Responsibilities

• Information Security Architecture, Systems Design and Implementation: Develop UNOS’ cyber security posture and lead continuous evolution of capabilities to protect and preserve critical information
• Conceive, architect, and direct implementation of the systems and processes that provide detective, preventive and corrective infrastructure controls for all UNOS operating environments.
• Own the strategic vision for UNOS’ infrastructure security architecture, including policy and frameworks, and ensure that they are aligned with overall business, IT, and operational strategies.
• Develop and maintain information security architectural goals and roadmap
• Support secure development lifecycle practices that emphasize early security design review to ensure that rapid iteration stays firmly planted in a strong security foundation.
• Partner with the Enterprise Architecture team, being the security subject matter expert and lead for technical design of information security systems and architecture
• Perform ongoing evaluation and assessment of the business need for information security systems and make recommendations to change the architectural roadmap
• Develop security solutions by analyzing information requirements; determining systems architecture, components, and technologies; studying business operations and user-interface requirements.
• Thorough knowledge of, and experience with industry, best-practice approaches to information security, information assurance (e.g. SOC 2 Type II, NIST SP 800-171) and risk management.
• Develop analytical models and complete validation tests to confirm security architecture capability and flexibility.
• Test design features to determine success of design of solutions and impact to business needs
• Work with technology teams in Infrastructure, Data and Software Engineering and Business Development to ensure architecture goals are coordinated in all areas
• Remain current with information and cyber security technologies and trends
• Project Consulting: Provide consultative resources to project teams to ensure security architectural goals are being met
• Participate in project initiation to provide mentoring and guidance on secure design
• Team Leadership and Improvement: Lead, mentor and train staff on information security technologies and processes
• Coach the Security Operations team in management of information security tools (e.g. Splunk, CrowdStrike, Tenable).
• Oversee Security Incident Response program, including training and regular testing.
• Participate in regular process improvement activities and operational metrics design and tracking.
• Information Security Technology Operational Support: Act as the escalation point for chronic and high impact security operations support issues and assist in development of mitigation plans