Sr. Cyber Security Manager

Position Summary:

Reporting to the Director, Cyber Security & IT Compliance, the Senior Manager, Cyber Security will manage day-to-day cyber security operations and spearhead the implementation of advanced technologies and best practices to safeguard against various security threats. The incumbent will act as the senior technical resource for information security operations, providing leadership and oversight in the areas of:

• Threat Monitoring
• forensics and Incident Response (DFIR)
• Intelligence, Hunting, and Analytics
• Architecture, Engineering and Administration

Key Responsibilities/Accountabilities:

• leadership for a team of security analysts and specialists, including coaching, development, succession planning, recruitment, and performance assessment.
• and ensure the integration of technology, processes, and governance frameworks to proactively identify, investigate, and mitigate current and emerging security threats targeting business operations.
• leadership during security incident investigations, acting as operations lead to support incident containment and remediation as required.
• on-going operational enhancements of cyber security operations including alerting, monitoring, vulnerability management, and detection across multiple security domains.
• identify and champion the development and implementation of innovative methods, processes, and technologies to enhance our security posture and align with enterprise objectives.
• external threat intelligence and vulnerability feed, conduct research on emerging threats, and identify and deploy solutions to prevent such threats.
• the Director of Cyber Security & IT Compliance with the team’s strategic planning and goal setting.
• to the definition, development, and oversight of the enterprise cyber security management strategy and framework.
• security reports and communicate actionable insights based on analysis for both technical and non-technical audiences.
• duties as required.

Qualifications required for the position:

• post-secondary diploma in a relevant field or equivalent combination of education and experience. Advanced degrees and technical certifications (e.g., SANS GCIH, GCFE, GCIA) are highly valued.
• 10 years of progressive experience in cybersecurity, with at least 4 years in a leadership role managing Security Operations Center (SOC), Digital Forensics and Incident Response (DFIR) teams, or similar.
• knowledge of Microsoft security solutions, including but not limited to Endpoint Detection & Response, SOAR, SIEM, Identity Security, DLP tools.
• knowledge of modern security concepts such as common attack vectors, malware, security analytics and threat intelligence.
• knowledge of Cybersecurity Operations models and technologies (cloud, automation, orchestration, analytics, and risk-based approaches).
• knowledge of Microsoft Security solutions, including but not limited to Endpoint Detection & Response (EDR/XDR), automation (SOAR), SIEM, Identity Security, and Data Loss Prevention (DLP) tools.
• in analyzing various telemetry sources including but not limited to EDRs, network security tools, and cloud security solutions.
• experience authoring and maintaining playbooks and other process/governance documentation.
• knowledge of network fundamentals such as VPN, LAN, WAN, wireless network, network topologies, and access methods, switches, routers, protocols, and services such as OSI model, IPv4, IPv6, name resolutions, networking services, TCP/IP
• knowledge of administering MS Windows or Linux, including aspects such as application servers, web services, remote access, Active Directory, and performance monitoring
• with the mechanics of adversary behaviors and MITRE ATT&CK ®
• communication skills, both written and verbal, including the ability to communicate technical concepts in a clear, succinct fashion to subject matter and non-subject matter experts alike.
• analytical and problem-solving skills, including the ability to synthesize complex and contradictory information.