Manager, Security Operations


Job ID 18-00089

Industry Pharma

Job Type Permanent

Location Plainsboro, NJ

Description

Description:
- Manages the data analytics across all security-related systems including Security Incident Event Management systems (SIEM).
- Conducts risk assessments of Company systems, data repositories, processes, and devices. Uses Security tools to review access control lists (ACL) and provides reports to be used by local site administrators.
- Responsible for ensuring litigation hold requests are executed according to requirements and maintains records of data being held by Information Systems.
- Participates in project meetings to understand the process, technology, and controls associated with projects and lends technical/security expertise where interpretation of the purpose of the controls is needed.
- Provide application consulting services to business units on a variety of application security products including web application firewalls, application authentication, application load-balancing, application optimization, and data leakage prevention
- Assess and propose secure access to internal and external systems & applications and provide recommendations accordingly.
- Participates in the development of the Security Awareness training program and provides awareness training to new employees, contractors, and affiliates.
- Builds and maintains library of technical standards for operating systems and applications used by Company.
- Periodically reviews Information Security-related policies to ensure alignment with current threats
- Leads confidential investigations into matters such as misuse of company assets, fraud, and violations of Company policy using digital forensics tools.
- Conducts vulnerability assessments on external and internal systems/devices to ensure compliance with the overall security policy and most importantly to ensure the protection of Company's intellectual assets and reputation.
- Attends online and offsite Information Security seminars to enhance overall knowledge of Information Security best practices and current threats that could impact Company's systems, Intellectual property or reputation.
- Develops metrics to determine if progress is being made or new risks and threats are emerging.
- Leads incident response across the organization to ensure swift action is taken in the event of system or data compromise.
- Responds to requests for data from Internal and External Audit functions



Qualifications

Experience:
- 5-7 years Information Security Operations management experience.
- 2-3 Years Digital Forensics experience with tools such as EnCase or FTK (Forensic Tool Kit).
- Experience with deploying and managing Security Incident Event Management systems such as IBM QRadar, McAfee Security Manager, RSA Envision, or Splunk.
- Experience with Data Governance software such as Varonis.
- Experience with advanced threat detection tools such as FireEye.
- High level of expertise with the latest Microsoft Windows operating system versions, desktop and server platforms.
- Experience with Linux-based security tools a plus.
Other Qualifications:
- Can manage multiple tasks simultaneously with the highest level of confidentiality
- Strong analytical and problem solving skills
- Strong interpersonal and presentation skills for interacting with team members and clients
- Strong communication skills
- Strong organizational, leadership, and time management skills
- Ability to work in a team environment mostly without supervision
CANDIDATE DETAILS:
- 5+ to 7 years' experience
- Seniority Level – Associate
- Bachelor's degree in Computer Science, MIS, or equivalent.
- CISSP and other advanced technical Security Certifications. (e.g. Information Systems Security Architecture Professional, Information Security Engineering Professional, Certification and Accreditation - Professional or equivalent certifications preferred).
- Management Experience Required - No
- Minimum Education - Bachelor's Degree
- Willingness to Travel – Never
 

IDEAL CANDIDATE
Ability to communicate to all levels of the organization, specifically C-Suite management and to a non IT audience. Adaptable to a fact paced and growing company. Strong organization skills and able to work independently. Take initiative but not afraid to ask questions when necessary