Information Security Operations Lead/Manager
enVista · Carmel, IN · 1 wk ago
HybridManagementFull-time
About the role
enVista is seeking an Information Security Operations Lead or Information Security Operations Manager. This position will play a key role in the growth of enVista’s Information Security team.
Responsibilities
- Responsible for day-to-day coordination of Security Operations activities including ticket and request handling, incident triage, escalation, containment and remediation
- Accept and resolve the most complex security incidents that cannot be resolved by the IT Operations Team or less experienced Security Analysts
- Lead incident response investigations, coordinate response activities, and update leaders while maintaining confidentiality
- Oversee the daily configuration and maintenance of core security tools including EDR, NDR, email security solutions, and SIEMs
- Establish and document repeatable security operations processes and procedures and ensure they are followed by the Information Security Team
- Implement automation for repetitive security response and maintenance activities
- Support associated security activities including security engineering, threat hunting, vulnerability management, penetration tests, and GRC processes
- Participate in the process to on-board new clients to enVista’s managed security services
- Frequent interface with vendors and service providers to ensure timely response to support requests and adherence to Service Level Agreements (SLAs)
- Development of Security Operations metrics and reporting to management
- Lead, mentor, and develop a team of Security Analysts with an aim to scale-up in the future (Manager)
- Temporarily lead the Information Security team in the Director’s absence (Manager)
- Periodic travel to client sites, conferences, or industry events (Up to 20%)
Requirements
- Bachelor’s degree in Computer Science, Management Information Systems, Information Security, Cybersecurity, or a related field. A combination of equivalent experience and certifications will also be considered.
- 7 – 10+ years leading or working in a Security Operations Center or Incident Response Team (Manager)
- 5 – 7 years working in a Security Operations Center or Incident Response Team (Lead)
Qualifications
- Experience leading information security incident response
- Previous experience in implementing documented repeatable security operations processes
- Experience working with Endpoint Detection and Response (EDR) toolsets, Managed Detection and Response (MDR) service providers, email security solutions, SOARs, and SIEMs
- Experience with eDiscovery and information protection toolsets (e.g. Microsoft Purview)
- General understanding of security technologies including vulnerability management solutions, firewalls, IDS/IPS, CASB, NAC, DLP, VPN's, SSE, endpoint management solutions, Privileged Access Management (PAM) solutions, and general network/security concepts
- Experience with security automation technologies and scripting languages (Python, JSON, YARA, TAXI/STIX, etc.)
- Prior experience working with Microsoft technologies including Active Directory (AD), Azure, Defender, EntraID, Intune, Purview, and Sentinel
- Familiarity with other security and technology platforms including Okta, CISCO DUO, AWS, and GCP
- Exposure to control and security frameworks, particularly the AICPA Trust Service Criteria (SOC2), ISO 27001, NIST CSF, and HIPPA/HITECH/HITRUST
- Proficient with Microsoft Office Suite and Office365 (i.e., Teams, SharePoint)
- Ability to communicate and drive for optimal security outcomes across all levels of the organization and engage with current and prospective clients
- Excellent verbal and written communication skills
- Remain current with emerging cyber security threats and advise relevant stakeholders on the appropriate course of action
Skills
- Experience leading information security incident response
- Previous experience in implementing documented repeatable security operations processes
- Experience working with Endpoint Detection and Response (EDR) toolsets, Managed Detection and Response (MDR) service providers, email security solutions, SOARs, and SIEMs
- Experience with eDiscovery and information protection toolsets (e.g. Microsoft Purview)
- General understanding of security technologies including vulnerability management solutions, firewalls, IDS/IPS, CASB, NAC, DLP, VPN's, SSE, endpoint management solutions, Privileged Access Management (PAM) solutions, and general network/security concepts
- Experience with security automation technologies and scripting languages (Python, JSON, YARA, TAXI/STIX, etc.)
- Prior experience working with Microsoft technologies including Active Directory (AD), Azure, Defender, EntraID, Intune, Purview, and Sentinel
- Familiarity with other security and technology platforms including Okta, CISCO DUO, AWS, and GCP
- Exposure to control and security frameworks, particularly the AICPA Trust Service Criteria (SOC2), ISO 27001, NIST CSF, and HIPPA/HITECH/HITRUST
- Proficient with Microsoft Office Suite and Office365 (i.e., Teams, SharePoint)
Benefits
- Competitive Compensation & Bonuses
- Medical, Dental & Vision Insurance
- Paid Time Off, Holidays & Volunteer Days
- Life Insurance, Short/Long Term Disability
- Paid Sabbatical Program
- 401k with Company Matching
- Flexible Work Opportunities
- Paid Sabbatical After Seven Years of Service
- Employee Referral Bonus