Position: Senior Manager - IT Security Operations
Location: Phoenix, AZ
Duration: Full time
The FIREWALL OPERATIONS MANAGER is principally responsible for ensuring the availability and operations for all securityinfrastructure for MMC world-wide. This includes firewalls, proxies, advanced malware prevention, data loss prevention, intrusion detection/prevention systems, etc. Additionally, the FIREWALL OPERATIONS MANAGER role will manage a team of distributed operations staff responsible for the daily change management, configuration management, patching, and system upgrades to the securityinfrastructure.
The FIREWALL OPERATIONS MANAGER will also actively participate in infrastructure deployment projects such as new firewall deployment, based on approved engineering designs, or migrations of existing services to new platforms such a migration to newer technologies. Across the information security function, this role will contribute to security solutions that will deliver high levels of performance, security, scalability, automation, maintainability, appropriate reusability and reliability throughout its lifecycle. When necessary, this position will participate in the Incident Response process relating to cybersecurityevents or investigations. This role is accountable to maintain operational documentation, metrics, and SLAs necessary to facilitate a smooth running and predictable operational environment and will work with Information Security leadership to develop strategies and plans to enhance security, identify and close risks/gaps, and to enforce the firm's information security policies.
The FIREWALL OPERATIONS MANAGER is responsible for maintaining and managing a strong operational team, which may be located remotely, to successfully deliver on the operational requirements of the cybersecurity program at MMC while always operating at the highest levels of integrity.
? Provide daily oversight for the 24/7/365 firewall operations function within the Global Information Security organization.
? Manage the day to day operations of the securityinfrastructure operations team to include internal support tickets, firewall and securityinfrastructure changes, infrastructure. upgrades and patches, and other operational activities.
? Ensure the team is performing all aspects of the operations function to the best of their abilities including critical analysis, response and remediation of cyberevents, firewall rule changes, and internal support tickets.
? End-to-End enterprise-wide tier II troubleshooting of networksecurity technologies for performance and connectivity across the global MMC environment.
? Execute daily ad-hoc tasks and lead small projects as needed.
? Develop securityprocesses and procedures, and supports service-level agreements (SLAs) to ensure that security controls are managed and maintained efficiently and effectively.
? Identify and drive process improvement efforts across the operations function.
? Create and maintain operational reports for Key Performance Indicators and daily / weekly / monthly metrics reports.
? Partner with and provide information security expertise to the operating companies to provide guidance and direction on secure application hosting for internal and client facing application systems. Assess applications connectivity issues associated with application data flows through securityinfrastructure.
? Participate in Computer Incident Response Teams (CIRT) as necessary by providing support to mitigate active security incidents possibly threatening the Global MMC computing environment.
4-year college degreerequired
Minimum 5+ years of advanced networksecurity operations experience with large scale operations spanning multiple business lines distributed globally.
Knowledge and skills:
? Previous supervisory experience in a SOC or IT Operations Center required
? Experience demonstrating knowledge of information security programs and operations, data security practices and procedures, including risk identification, network routing and connectivity technologies, and common cybersecurity attack vectors
? Experience demonstrating knowledge of computer hardware/software technologies, and information security tools
? Strong planning and organizational skills to set priorities and achieve goals
? Strong analytical and problem-solving skills relating to firewall and security operations technologies
? Strong ability to manage, train, and motivate and team of operational security staff and off-shift operations
? Excellent verbal, written and interpersonal communication skills
? Experience with securityinfrastructure related to Enterprise Log Management, IDP/IDS, Antivirus, Firewalls, Proxies, load-balancers, WAFs, VPN, DLP, Forensic Analysis and SIEM
? Experience with evaluating TCP dumps/traces, strong knowledge of Perl required and familiarity with Java Script, and Python very useful
? Knowledge of IT Security Standards and Frameworks including NIST beneficial
? Strong working knowledge of Cisco and Palo Alto firewall products.
? Must be a self-starter, work with limited supervision & be able to work well with others in a globally diverse IT environment.
CISSP, CISM or other related Information Security certifications preferred.