We are looking for a hands-on technical leader and security professional, who will report to the VP of Legal & Compliance. In this role, you will be responsible for identifying, directing, implementing, and overseeing security related initiatives and programs pertaining to network and application security, security operations, risk management, business continuity and disaster recovery, as applicable. You will help identify current/emerging security risks throughout the evaluation of existing and future systems and procedures, and you will work collaboratively with IT and the security teams to provide security subject matter expertise, ensuring those risks are appropriately assessed and mitigated.
The tenets of our Credo – Team Members First, Fearlessly Lead and Evolve, Communicate Clearly and Bring Our Best Selves – form the fabric of our organization. They are reinforced daily and serve as key dimensions in the hiring process to help us ensure that we attract outstanding talent and make Solutionreach a great place to work.
Duties and responsibilities
Your responsibilities would include, among other things:
- Lead IT/Engineering/Security/DevOps teams to integrate new security solutions.
- Implementing and maintaining SIEM monitoring systems for on prem and cloud environments.
- Assist in supporting secure coding guidelines.
- Review and analyze security events and tools in order to assist in optimizing currently deployed tools/procedures/processes.
- Troubleshoot and perform root cause analysis to assist in identifying suspicious activity.
- Conduct vulnerability assessments and threat modeling assessments.
- Provide guidance, recommended controls, and countermeasures to identified and exposed risks.
- Ensure control procedures, risks, and policies are properly mapped to industry regulations and guidelines.
- Lead incident response processes and procedures as they relate to changing threats and requirements.
- Provide analysis of security tool event feeds, network traffic and log analysis.
- Advise on best tools, processes, practices and standards to insure effective protection of information security assets.
- Collaborate with other technology teams or 3rd parties to drive remediation of IT risks identified by internal and external assessments.
- Coordinate identification of vulnerability owners and remediation of those vulnerabilities as it relates to HIPAA and other regulatory requirements.
- Perform IT Risk & Security assessments, recommending information security solutions to assist businesses with the assessment and improvement of their security infrastructure and applications.
- Have 3+ years experience leading technical teams (IT, Security, Engineering)
- Have a bachelor’s degree in Information Security, Information Systems, Computer Science, or related field and/or have equivalent work experience.
- Have 5+ years of network, server, or security experience.
- Have experience securing cloud systems.
- Have implemented and/or worked with a SIEM to review and analyze security events from various monitoring and logging sources to identify and/or confirm suspicious activity.
- Possess excellent analytical and problem solving skills related to networking, operating systems, and malware analysis.
- Have one or more of the following professional certifications: CISSP, SANS (GSEC, GCIA, GPEN, GCIH, etc.), CISA
- Have strong networking skills and knowledge of TCP/IP protocol.
- Have experience administering network equipment, firewalls, and/or VPNs.
- Have experience diagnosing T.A.R.D.I.S. timey wimey problems.
- Be able to translate business needs and regulatory requirements into cost effective and risk appropriate controls.
- Have experience with IDS/IPS systems, such as Snort, Cisco Firepower, etc.
Not required but preferred:
- Certifications such as Network+, Linux+, Security+
- Experience with automation tools such as salt.
- Experience with Cisco ISE.
- Experience with secure email gateways.
- Experience with Okta/OAuth/SAML.
- Experience with GCP and microservices.
- Programming experience.
- Scripting skillz. (Shell, Python, Java, PHP, PowerShell, etc.)
- Knowledge of project management.
- Knowledge of DevOps, and Agile SDLCs.
- Knowledge of ITIL including incident, problem, and change management.
Get in on all the awesome at Solutionreach!
In addition to terrific health, vision, and dental insurance:
- “Self-managed” PTO
- The week between Christmas and New Year’s off 100% paid!!
- Ten paid holidays
- $1000 match to your dependent care flex spending account (FSA)
- Tuition reimbursement after one year of employment
- 3 week paid parental leave
- Health Savings Account with up to $1,750.00 employer contribution for Employee + Family
- 401K with 3% employer match
- Paid Short-Term Disability, Life and AD&D Insurance
If interested, please apply at Senior Manager, Security Operations (indeed.com)