$150K — $200K *
Our customer is a Software as a Service (SaaS) medical device company. They use cutting-edge technology (deep learning, computational fluid dynamics, cloud-based computing) combined with advanced clinical expertise to revolutionize the treatment of coronary artery disease. They have an exciting and challenging opportunity for a talented, highly technical, exceptional Cyber-Security Operations Manager with significant hands-on cyber-security operations, security infrastructure design and administration experience to help continue to shape the foundation and mature their cyber-defense, detection, and response capabilities.
You will serve as the overall lead, manager and administrator. As an administrator, you will be responsible for direct hands-on administration of their existing tools and cyber-security infrastructure. As a manager, you will lead and build a small technical team of engineers and drive the delivery of security functions in your area (security engineering, threat response, vulnerability management and blue and red team operations). In this role, you will bring together the best practices in security according to established standards.
This person will also be an integral part of the Security Leadership team and will be involved in helping to lead and mature the security program.
· This is a hands-on role that will continue to build a team over time
· Strong project management and hands-on implementation experience
· In-depth knowledge of security concepts in the various security domains which include authentication, access control, security monitoring, security testing, intrusion detection/prevention, attacks and countermeasures, cryptography, endpoint security, network security/infrastructure, assessments & audits, organizational security
· Ability to positively collaborate with IT and the other business unit teams to specify, architect and implement multiple types of security controls.
· Advanced knowledge of incident/threat response, prevailing and emerging threats and vulnerabilities management (validation, prioritization based on risk, reporting and mitigation).
· Ensure that the potential impact of engineering changes is well understood, using data to support understanding of upstream and downstream dependencies.
· Familiarity with AWS security best practices (e.g. Terraform, Ansible, CloudFormation or similar.)
· Experience deploying, maintaining, and administering security technologies including. (ie Endpoint protection, IDS, DLP, FIM, WAFs/Firewalls, SIEM, reverse proxies, etc.
· Direct experience with maintaining and utilizing common commercial and open-sourced vulnerability scanning and security auditing tools (Nessus, Nexpose, OpenVAS, etc.) in both cloud (virtual machines, AWS, Azure, etc.) and conventional (endpoints, servers, etc.) environments
· Extensive Windows, Mac OS/iOS, Linux and Unix experience including deep knowledge of file system layout, log file analysis, timeline creation, and common configuration deficiencies
· Desktop, server, application, database, and network security hardening principles and practices for threat prevention
· Experience with one or more scripting languages (Perl, Python, or other) in an incident response environment
· Ability to analyze and prioritize vulnerabilities to appropriately characterize threats along with experience working as part of a patch management process and a familiarity with patching tools (i.e. SCCM, JAMF, KACE, etc.)
· Familiarity with classes of vulnerabilities, appropriate remediation, and industry-standard classification schemes (CVE, CVSS, CPE).
Soft Skills Needed
· Effective communication and presentation skills with demonstrated ability to prepare documentation and presentations for technical and non-technical audiences.
· Excellent written and verbal communication skills, interpersonal and collaborative skills
· Must be a critical thinker, with strong problem-solving skills
· Ability to prioritize work from multiple sources, including ad-hoc and large-scale project work
· High level of personal integrity, as well as the ability to professionally handle confidential matters, and show an appropriate level of judgment and maturity
· Self-starter, positive attitude, ability to work independently, enjoys learning and staying current with industry developments, regulations, and best practices.
Experience working with all levels of management, across diverse teams to achieve successful outcomes
Valid through: 4/22/2021
$200K — $250K
8 days ago