Manager, Information Security Operations
The Role
We're looking for an experienced Information Security Operations Manager to join our growing Information Security team. This role will be reporting to the Director of Information Security. Our team works to create a strong Information Security function within GTI that enables the business to continue its tremendous growth. The Information Security Operations Manager is responsible for supporting cybersecurity strategy, design, deployment, and ongoing operations.
Responsibilities
- Manage the day-to-day operations of security tools, processes and vendors responsible for providing perimeter, application, network and cloud security. This includes, but is not limited to: Firewalls, Proxies, Antivirus, SIEM, Network Access Control, Email Gateway, IDS/IPS, DAST/SAST, Privileged Access Management, Data Loss Prevention, Penetration Testing, Vulnerability Management and Disaster Recovery.
- Deploy, configure and mature security tools and processes.
- Lead Incident Response activities, coordinating with internal and external technical teams and providing on-call support.
- Manage an internal technical team as well as an external SOC.
- Lead and coordinate the investigation and remediation of monitoring alerts.
- Drive and oversee the development of playbooks and standard operating procedures for incident response, security tools and processes.
- Serve as the Subject Matter Expert for network security and security operations and provide expertise and guidance to internal and external IT team members.
- Serve as the Project Manager for technical security operations projects, implementing new security technologies and maintaining existing technologies.
- Maintain a current understanding of the cybersecurity threat landscape.
- Identify and evaluate security gaps and translate into functional specifications to reduce risk.
- Review alignment of security controls to policies, frameworks and regulations and provide roadmaps to meet compliance.
- Lead and deliver security operations reporting and metrics, including KPIs and KRIs.
- Execute tasks as a member of the Information Security team as assigned by management.
Qualifications
Our employees come in all shapes and sizes, but to be successful in this role with us, you'll at least need:
- At least 5 years of experience working in Information Security
- Bachelor’s degree or higher in Information Security or Information Technology is required
- Strong understanding of Information Security technologies, design and architecture
- Strong written and oral communication skills, as this role will interface with business leaders
- Strong people management, project management and vendor management skills
- Deep knowledge of network, endpoint, application, and cloud security
- Knowledge of NIST, MITRE, OWASP, and other security frameworks
- Strong problem-solving skills with well-organized and structured work habits
- Security certifications, such as CISSP, CISM, CCNA are preferred
- We're doing some big things, and we'll find some roadblocks along the way, big and small. A big part of this role is keeping an even keel and finding the route through or around the obstacles
- This role requires lots of communication with customers and everyone at GTI. Your colleagues will rely on your ability to translate security requirements into digestible bits of information for them. Customers will expect you to quickly articulate technical components of the GTI security program to help them assess risk, including as part of the business development process
- An insatiable intellectual curiosity and the ability to learn quickly in a complex space
Additional Requirements
- Must pass any and all required background checks
- Must be and remain compliant with all legal or company regulations for working in the industry
As an employer of more than 100 employees, Green Thumb will be operating in accordance with the Biden Administration’s Path Out of the Pandemic should the mandate take effect.