View all jobs
Information Security Operations Manager
New York, New YorkJob Description/Responsibilities
The IT Security team is responsible for the oversight and execution of a “cloud-first” Information Security, Business Continuity and Risk Management programs to support our business goals. This includes, but is not limited to security operations, vulnerability and patch management, incident response, disaster recovery, business continuity, risk identification and mitigation planning / implementation, identity management, network security, privacy, and compliance.
In the Manager, Security Operations role, you will be working to help build and maintain security programs at a rapidly growing investment company as well as its associated holdings. You will report directly to the Chief Information Security Officer and be responsible for execution and oversight of day-to-day security monitoring and response, identification, and handling of security events, as well as executing numerous other security programs. This includes, but may not be limited to:
The IT Security team is responsible for the oversight and execution of a “cloud-first” Information Security, Business Continuity and Risk Management programs to support our business goals. This includes, but is not limited to security operations, vulnerability and patch management, incident response, disaster recovery, business continuity, risk identification and mitigation planning / implementation, identity management, network security, privacy, and compliance.
In the Manager, Security Operations role, you will be working to help build and maintain security programs at a rapidly growing investment company as well as its associated holdings. You will report directly to the Chief Information Security Officer and be responsible for execution and oversight of day-to-day security monitoring and response, identification, and handling of security events, as well as executing numerous other security programs. This includes, but may not be limited to:
- Leading detection and response capabilities with a focus on automation
- Participation in monitoring, validating, classifying, and responding to SOC escalated security events
- Conducting forensics and root cause analysis on escalated or repeat security events
- Performing regular assessments on detection and response controls to improve the security posture and prevent regression
- Driving maturity of the company’s Incident Response framework
- Execution of vendor, infrastructure, M&A, and other security reviews as necessary
- Execution of periodic user access reviews on critical systems and data
- Driving identification and reporting of vulnerabilities and associated remediation
- Collection and presentation of key Information Security Metrics
- Ownership of enterprise-wide Security Awareness Training program as well as becoming an advocate for Security within the company
- Bachelor’s degree in Computer Science, Information Security, or a related field.
- 5+ years in a Security Operations, Analyst or similar role
- Strong Microsoft 365 and Azure background, Sentinel experience a plus
- Possession of or ability to obtain professional certifications in information security or risk management, such as a CISSP, CISM, CEH, or forensic certifications.
- Strong knowledge of security, regulatory, and control frameworks, such as ISO270001, HIPAA, GDPR, NIST, and CIS.
- Self-starter who demonstrates strong ownership of their domain and can benchmark the current state, propose improvements, and implement with little supervision
- Interpersonal and collaborative skills and the ability to communicate security and risk-related concepts to technical and nontechnical audiences.
- High level of personal integrity, and the ability to professionally handle confidential matters.
- Natural passion for security and strong drive to see both projects and investigations to completion.