Manager, Cyber Security Engineering

Job Description

As the ideal candidate, you are an experienced, highly motivated Cyber Security Manager interested in learning new technologies and staying up to date with the cyber threat landscape. You work well in a highly dynamic environment, along with peers and senior security analysts, to research and assess vulnerabilities, threats, and attacks on enterprise products and environments. You are constantly innovating to improve the management and incident response procedures, practices, and tooling. You can quickly access information and data sources to determine priorities and provide concise reporting of the issues in professional technical and business terms. Responsibilities:

• Technical Manager with hands-on experience in product cybersecurity
• Lead technical teams in delivering highly scalable and reliable applications that meet business budgets/timelines while ensuring alignment to strategic technology vision
• Lead product pen testing, vulnerability management, and incident response teams.
• Lead day-to-day activities and influence team members to use follow and support agile practices
• Ensure team is properly engaged, aware of career achievements/path, their role on the team and how it relates to others, lastly aware of their contributions to our overall goals
• Lead all recruiting activities across the team
• Work with team leads to ensure roadmap objectives are met as well as effectively manage interrupt-driven workloads
• Oversee and participate in incident response activities, as needed
• Manage training, education and career development for team members
• Assist in recruiting new team members
• Identify and document the roles, tasks, and responsibilities of each team member
• Identify gaps/risks early and establish mitigation plans (both technically with regards to resources)
• Increase the overall visibility of this team; celebrate/track accomplishments and build relationships with key leaders in other groups
• Continually strive for improvements in process, talent acquisition/retention, application time-to-market and quality
• Superior intellectual curiosity and problem-solving skills to explore what problems need to be solved, identify and analyze key insights, and nd creative solutions
• Superior listening skills and ability to convey complex ideas in a clear, concise fashion to technical and non-technical audiences
• Provide hands-on technical coding and mentoring when necessary

Requirements:

• 6 years of management/leadership experience with at least 4-6 years of security experience
• Combined 10 years of hands-on security experience
• Experience working in and managing teams within an Agile workflow
• Deep understanding of security, SDLC, CI-CD, SaaS/cloud security, agile methodologies, values, and procedures
• Ability to analyze, propose and implement timely, cost-effective, quality solutions for all issues or problems within area of responsibility
• Strong influencing and problem-solving skills with an ability to identify partners, assess their needs and manage their expectations through effective communication
• Excellent verbal and written communication skills for composing and delivering technical presentations or other forms of documentation to various levels of management
• Strong coaching and mentoring experience to build and a sustain robust team
• Good to have - Microservices cloud-native, and DevOps experience
• A strong bias towards automation and innovative thinking
• Experience with Amazon Web Services and related technologies (EC2, IAM, KMS, EMR, S3, VPC, Lambda, etc.)
• Ability to translate security requirements implementation into formal written procedures
• Knowledge of OSI Layer 7 Model, Network Architecture and Network Topology
• Experience with both virtual and containerized computing environments
• Working knowledge with any of the following: Java, Python, JavaScript, Go, or shell scripting
• Demonstrated ability to interpret security requirements from compliance documents, create technical solutions, and explain complex security concepts to non-technical business partners
• Familiarity with compliance and risk management frameworks, such as FedRAMP, SOC2, SOX, ISO27001, ITIL
• Industry certifications CISSP, CISM, GIAC

Education:

• MS/M.tech or BS/B.tech in Computer Science or related field, or equivalent work experience required

,

Keyskills :
risk managementcyber securityenvironmental impact assessmentpenetration testingidsfirewalliso 27001shell scriptingcustomer relationsamazon web servicesnetworkingweb servicesproblem solving