IT Security Operations Team Lead
Jersey City, NJ
W2/Contract to Hire.
The IT Security Operations Team Lead is responsible for installing, configuring and supporting the security monitoring and compliance systems and managing access to all applicable systems. They will also be responsible for managing vendor relationships including but not limited to those with Managed Security Service Providers and Network and Application Security Vendors.
JOB FUNCTIONS (DUTIES/RESPONSIBILITIES)
- Management of the IT Security Operations area and hands-on management of all IT Security related technologies.
- Assists in defining, creating and implementing SMTBUSA’s Information Security Policy/Procedures.
- Defines, helps to engineer and install, configures and administers IT Security technologies intended to protect the bank’s digital assets from internal and external threats.
- Responds to Information Security incidents.
- Responsibility for and management of all access management and authentication systems including SiteMinder and Safeword.
- Approves or works with the approver for all access controls for each user account and manages access rights when necessary.
- Monitor IPS/IDS on a daily basis for suspicious behavior and escalate appropriately.
- Works with internal and external auditors.
- Review and approval of the network asset configuration changes per SMTBUSA procedures.
- Provides periodic reporting on information security issues.
- Interfaces with external contacts to maintain/administer accounts/controls used for IT Security Operations.
- Ability to work with and accept user requests.
- Lead the planning and implementation processes of a comprehensive information security program;
- Establish annual and long-range security goals; define security strategies, metrics, and reporting mechanisms; and create a road map for continual security program improvements;
- Stay abreast of information security issues and regulatory changes affecting Sumitomo Mitsui Trust Bank U.S.A. Limited, participate in strategic policy and practice discussions, and communicate to employees on a regular basis about such topics;
- Operationalize relevant threat intelligence, and determine future threat intelligence needs, from internal and external sources;
- Provide hands-on technology support for all existing or new technologies assigned, utilizing vendors as needed, to ensure Sumitomo Mitsui Trust Bank U.S.A. Limited’s needs are met in a highly responsive and effective manner;
- Stay abreast of security incidents and act as the primary control point during significant information security incidents;
- Develop, implement, and administer technical security standards and tools to address and mitigate security risk;
- Monitor compliance with security standards and appropriate policies;
- Prepare and provide reports as requested by management.
- Perform all functions as assigned by management.
- Provide high quality work by ensuring accuracy and seeking to continuously improve our processes and platforms by embracing new and better ways of doing things.
- 7+ years of relevant IT security experience, preferably as an IT Security Lead, Manager, or other similar role;
- Bachelor’s degree in Management Information Science, Computer Science or equivalent work experience;
- Relevant professional certification(s) (e.g., CISM, CISSP) preferred;
- Experience working with internal and external auditors;
- Experience working in a diverse, multi-cultural environment;
- Ability to work independently in a decentralized environment, without the reliance of direct authority;
- Proven maturity, reliability, composure, and stability under pressure;
- Strong organizational, analytical, and planning skills; Attention to detail and the ability to prioritize multiple, competing responsibilities;
- Excellent interpersonal and communication skills; and
- Demonstrated experience with the following systems:
1. Firewall Configuration and Monitoring;
2. Intrusion Detection System/Intrusion Prevention System;
3. Security Incident and Event Management (SIEM) System;
4. Microsoft Active Directory;
5. Basic working knowledge of Red Hat Linux and Windows Operating Systems;
6. Routing and Basic Networking, VPNs, and VLANs;
8. Log Collection and Analysis; and
9. Nessus Vulnerability Scanning;
10. Phishing Test Management (Core Impact or comparable product);
11. Palo Alto NGFW and IDS/IPS management experience preferred;
12. Two Factor Authentication (experience with Safeword Authentication is a plus);
13. Endpoint protection (experience with Symantec or Malwarebytes is a plus);
14. Single Sign On (experience with CA SSO is a plus); and
15. Management of Managed Security Service Providers