Cyber-Security Operations Manager
Job Number: 21-01857
Use your skills where innovative technology solutions begin. Eclaro is looking for a Cyber-Security Operations Manager for our client in Redwood, CA.
Eclaro’s client is a leading technology solutions provider, collaborating with customers to manage their needs and achieve success in their business goals. If you’re up to the challenge, then take a chance at this rewarding opportunity!
- You will serve as the overall lead, manager and administrator.
- As an administrator, you will be responsible for direct hands-on administration of their existing tools and cyber-security infrastructure.
- As a manager, you will lead and build a small technical team of engineers and drive the delivery of security functions in your area (security engineering, threat response, vulnerability management and blue and red team operations).
- In this role, you will bring together the best practices in security according to established standards.
- This person will also be an integral part of the Security Leadership team and will be involved in helping to lead and mature the security program.
- This is a hands-on role that will continue to build a team over time
- Strong project management and hands-on implementation experience
- In-depth knowledge of security concepts in the various security domains which include authentication, access control, security monitoring, security testing, intrusion detection/prevention, attacks and countermeasures, cryptography, endpoint security, network security/infrastructure, assessments & audits, organizational security
- Ability to positively collaborate with IT and the other business unit teams to specify, architect and implement multiple types of security controls.
- Advanced knowledge of incident/threat response, prevailing and emerging threats and vulnerabilities management (validation, prioritization based on risk, reporting and mitigation).
- Ensure that the potential impact of engineering changes is well understood, using data to support understanding of upstream and downstream dependencies.
- Familiarity with AWS security best practices (e.g. Terraform, Ansible, CloudFormation or similar).
- Experience deploying, maintaining, and administering security technologies (e.g. endpoint protection, IDS, DLP, FIM, WAFs/firewalls, SIEM, reverse proxies, etc.).
- Direct experience with maintaining and utilizing common commercial and open-source vulnerability scanning and security auditing tools (Nessus, Nexpose, OpenVAS, etc.) in both cloud (virtual machines, AWS, Azure, etc.) and conventional (endpoints, servers, etc.) environments
- Extensive Windows, Mac OS/iOS, Linux and Unix experience including deep knowledge of file system layout, log file analysis, timeline creation, and common configuration deficiencies
- Desktop, server, application, database, and network security hardening principles and practices for threat prevention
- Experience with one or more scripting languages (Perl, Python, or other) in an incident response environment
- Ability to analyze and prioritize vulnerabilities to appropriately characterize threats, along with experience working as part of a patch management process and familiarity with patching tools (e.g. SCCM, JAMF, KACE, etc.)
- Familiarity with classes of vulnerabilities, appropriate remediation, and industry-standard classification schemes (CVE, CVSS, CPE).
- Effective communication and presentation skills with demonstrated ability to prepare documentation and presentations for technical and non-technical audiences.
- Excellent written and verbal communication skills, interpersonal and collaborative skills
- Must be a critical thinker, with strong problem-solving skills
- Ability to prioritize work from multiple sources, including ad-hoc and large-scale project work
- High level of personal integrity, as well as the ability to professionally handle confidential matters, and show an appropriate level of judgment and maturity
- Self-starter, positive attitude, ability to work independently, enjoys learning and staying current with industry developments, regulations, and best practices.
If interested, you may contact:
Tim Cusick | LinkedIn
Equal Opportunity Employer: Eclaro values diversity and does not discriminate based on Race, Color, Religion, Sex, Sexual Orientation, Gender Identity, National Origin, Age, Genetic Information, Disability, Protected Veteran Status, or any other legally protected group status.