The Manager of Security Operations is primarily responsible for overseeing the managed security services provider (MSSP) and associated personnel, maintaining and enhancing the vulnerability management program, and architecting and implementing technical security controls into the Epiq enterprise. The Manager of Security Operations will work with the analysts to ensure that appropriate incident detection use cases, investigation and response playbooks, technical controls, and threat intelligence components are integrated into the security operations toolset and processes. This position is a hands-on position which includes security incident management and response in addition to the administration of information security tools and services. The Manager of Security Operations will work to continuously improve the security of Epiq’s information assets.
ESSENTIAL DUTIES AND RESPONSIBILITIES:
- Manage the MSSP, supporting functions, and associated personnel.
- Security incident management and escalation.
- Lead the Vulnerability Management process.
- Implement appropriate technology to address risk/monitoring requirements.
- Work with IT owners to design and implement new technologies to mitigate risks.
- Work with Architects to ensure secure design of all IT initiatives.
- Maintain awareness of new technologies and trends in the security space.
An individual must be able to perform each essential job duty satisfactorily. The requirements listed below are representative of the knowledge, skill and/or ability required:
- Broad understanding of Information Security concepts.
- Familiarity with security frameworks and various compliance requirements.
- Communicate effectively through written and verbal means to co-workers and senior leadership and effectively manage multiple tasks simultaneously, coordinating and ensuring that scheduled goals are met.
- Experience with the conduct of an information security investigation and remediation.
- Experience with security technology and processes used to defend an international enterprise network.
- Experience analyzing business or technical problems and proposing and implementing solutions.
- Excellent communication skills, verbal and written and be a self-managed / self-driven individual.
- Ability to deal with changing priorities and multi-task several projects.
EDUCATION AND EXPERIENCE
- B.S. Engineering / C.S. / MIS degree highly desirable
- CISSP/CISM/GIAC Certification highly desirable
- Periodic travel is required of this position – with an average expectation of 10% travel
- Typical work week is 40 hours with occasional weekend hours required.
- On call rotation for critical incidents required.
The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job:
- Example - Must be able to sit for extended periods of time, performing work on a computer.
- Example – Must be able to routinely lift parcels weighing in excess of 25 pounds.