Senior Manager, Security Operations

Job Locations US-AZ-Phoenix
Company
University of Phoenix
Job Family
Information Technology
Virtual Eligible
No
Requisition ID
2018-9483
Position Type
Full-Time

Overview

Manages those who ensure the security of company electronic information through the implementation of technical and administrative safeguards.

Responsibilities

  • Directly responsible for the management of the 24X7 Information Security Operations Center (ISOC).
  • Manages incident response teams during security incidents through resolution.
  • Reviews alerts and data from sensors and documents formal, technical incident reports.
  • Works closely with legal, compliance and audit to escalate and coordinate efforts to protect sensitive information across the organization.
  • Provides and implements mitigating actions to contain incident related activity and facilitates forensics analysis where required.
  • Manages Information Security staff in the identification, reporting and resolution of security violations.
  • Mentors junior security analysts to advance their skills and knowledge to promote professional growth.
  • Develops and implements Information Security policies, standards, processes and procedures for the enterprise.
  • Establishes technical security standards and configurations for operating systems, applications and network equipment.
  • Ensures and monitors security compliance with industry and government rules and regulations.
  • Coordinates with technology and business groups to assess, implement, and monitor IT-related security threats, probability of occurrence and impact on business processes.
  • Communicates risks to appropriate business personnel and recommends appropriate remediation for risk reduction to manageable levels.
  • Manages security performance against established security metrics and reporting.
  • Ensures security compliance and meets all service level agreement requirements.
  • Contributes to the Information Security awareness program.
  • Maintains a deep technical knowledge to keep abreast of threats and technologies associated with prevention, detection and response of Information Security incidents.
  • Works across organizational boundaries to develop working relationships across the enterprise and businesses.
  • Receives assignments in the form of objectives and determines how to use resources to meet goals.
  • Provides guidance to subordinates within the latitude of established company policies. 
  • Conduct presentations and tours as required for announced visitors.
  • Manage or participate in vendor risk management, vulnerability management and incident management programs.
  • Performs other duties as assigned or apparent.

Qualifications

Basic Requirements:

  • A Bachelor’s degree in Computer Science or a related field, or equivalent experience is required
  • A minimum of 10 years progressive IT security skills, IT audit experience can be included in experience
  • A minimum of 5 years directly managing Information Security teams

Additional Requirements:

  • Certified Information Systems Security Professional (CISSP), highly preferred
  • Certified Information Security Manager (CISM), preferred
  • Certified Information Systems Auditor (CISA), preferred
  • IT risk assessments & management methodologies
  • IT Governance, Risk & Compliance (GRC)
  • Documenting security policies, standards & risk acceptance processes GRC tools
  • Excellent interpersonal, written communication, technical writing and presentation skills
  • Strong business analysis skills
  • Able to Learn quickly, absorb and retain information, and apply knowledge when and where relevant
  • Self-motivated and able to work on own initiative with minimal guidance
  • Logical approach to problem solving
  • Experience of managing a varied and heavy workload
  • Ability to prioritize work appropriately
  • Creative and innovative, yet pay close attention to detail
  • Desire to see tasks through to completion
  • Strong team player
  • Ability to correlate network activity across networks to identify trends of unauthorized or suspicious use.
  • Ability to identify and assesses the severity and potential impact of risks
  • A thorough knowledge and understanding of the technical Information Security environments and processes
  • Proven ability and past experience performing moderately complex security analysis for information technology is required
  • Must have excellent oral and written communication skills to effectively interact with internal and external customers
  • Technical expertise in anti-virus solutions, virus outbreak management, and the ability to differentiate virus activity from directed attack patterns
  • Technical expertise in Intrusion Prevention System (IPS)/Intrusion Detection System (IDS), SIEMs and other Computer Network Defense (CND) security tools
  • ISO 27001 and ISO 27002 standards for Information Security;
  • PCI DSS (Payment Card Industry Data Security Standard)
  • GLBA (Graham Leach Bliley Act)
  • FERPA (Family Educational Rights and Privacy Act)
  • Knowledgeable in various EU Data Protection laws
  • Experience in other International Data Protection laws, preferred
  • NIST (National Institute of Standards and Technology) 800

 

 

 

Options

Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
Share on Your Newsfeed

Need help finding the right job?

We can recommend jobs specifically for you! Click here to get started.