If you’d like to become part of an exciting, fast-paced organization, BMC is the company for you!
DO YOU HAVE WHAT IT TAKES? (CLICK HERE) OR CHECK US OUT ON YOUTUBE: HTTPS://WWW.YOUTUBE.COM/WATCH?V=OPN86QVNKFU
This is ground floor opportunity to be part of a team to build out a best of breed information security program. This position will be the security operations manager who is responsible for ensuring the security operation of complex IT systems within BMC. The Security Operations Lead is expected to have a thorough understanding of complex IT and IS systems and stay up to date with the latest security standards, systems, technologies, as well as best practice security products as part of a security operations center. This role will lead and coordinate the detection, response and recovery activities from information security events/incidents and manage function-related business processes. This includes: collaboration with appropriate business partners and lines of business to establish security monitoring, analyze and contain information security incidents; establish oversight of information security incidents and communicate analysis, containment, and remediation efforts to all involved partners; Determine the root cause of incidents and work with stakeholders and responsible parties to remediate any identified control gaps or failures; Escalate issues to management in a timely manner with appropriate information regarding risk, action times, and root cause analysis; Maintain & utilize an incident response & recovery plans; and, Exercise independent judgment in methods, techniques and evaluation criteria for obtaining results. In addition, this role requires strong project management, written, and verbal communication skills.
ESSENTIAL FUNCTIONS:
- Enterprise security operations planning, implementation and monitoring to include crisis management
- Develops operational practices and processes security monitoring and defense for IT systems solutions using current and emerging technologies.
- Extensive experience in information security operations and incident response with a focus a primary emphasis on detection and response, leveraging multiple external partners and 3rd party vendors
- Responsible for designing, developing, administering and tuning security event monitoring and intrusion detection related systems including the development of correlation searches, dashboards, automation, integration and reporting
- Manage 3rd party vendors and external partners that provide monitoring, analysis and management of various security technologies
- Develop, refine and improve Incident Response Plan, procedures and tools to increase visibility, detection capabilities, reduce false-positives and minimize time between detection and response
- Develops performance metrics, trend statistical data and customized management reports on incidents
- Serve as an Incident Commander on IT Security incident response team to handle incident investigations. Apply forensic investigation techniques to document root cause and impact of detected computer security incidents
- Support security leadership in the development, communication and execution of the security Incident Response program for the company.
- Help develop and communicate the Security Monitoring policies, plans and procedures, security Assessments and security operational roadmap to Senior Leadership.
- Experience conducting analysis/investigation and containment of potential data breeches or cyber security incidents.
- Ability to lead technical bridge lines to develop quick containment solutions to cyber-security incidents.
- Familiarity security vulnerabilities, exploits, malware and digital forensics.
- Direct, review and approve the design of security monitoring systems
- Proactively guide cyber incident response planning.
- Perform or lead investigations after breaches or incidents including impact analysis and recommendations for avoiding re-occurrences.
- Maintain a current understanding of the threat landscape for the industry.
- Partner with internal and external teams on security testing such as penetration testing exercises.
- Regularly update the security monitoring and incident response plans to leverage new technology and threat information.
- Communicate security monitoring and response best practices and risks to all parts of the business.
- Experience implementing and maintaining digital forensics tools, security event and incident management technologies
- Ability to interact with a broad cross-section of personnel to explain and enforce security measures
- Mentor IT and IS team members on security best practices
- Translates business requirements into security monitoring requirements to support incident response
- Lead/Coordinate work across teams / departments to evaluate, develop, and ensure security monitoring and incident response capabilities are baked into solutions spanning people, process and technology
- Guide various IT teams for the joint development of information security monitoring and incident response policies and practices are established and based on industry best practices
- Create, maintain and supplement security logging and monitoring standards, security incident response and event handling standards and ensure consistent application of such standards
- Proactively test. hunt and review current system security measures and recommend and implementing security and IT environment enhancements
- Establishing disaster recovery procedures and conducting breach simulation through security drills
- May be asked to lead security incidents and providing thorough post-event analyses
Required Skills
COMMUNICATION SKILLS: Candidates should have excellent written and verbal communication skills and the ability to record and manage project time. Ability to rapidly develop and deliver quality presentations of a complex nature to a non-technical audience is critical.
OTHER SKILLS AND ABILITIES:
- Advanced cloud security, network security, server security monitoring and incident response experience required, Advanced knowledge of security tools required to monitor and secure datacenter technologies (SD-Wan, load balancing, next gen firewalls, IDS/IPS, etc.) and cloud (AWS, Azure, SaaS, etc.) is also required
- Experience working within a security framework (NIST).
- Candidate should have exceptional problem solving / analytical ability.
- Ability to meet deadlines and targets.
- Off-hours and incident support work may be required as needed. Must be reachable by mobile device.
- Demonstrate ability to handle multiple simultaneous projects, ability to work well with people from many different disciplines with varying degrees of technical experience, excellent interpersonal skills and willingness to learn.
Required Experience
EDUCATION AND EXPERIENCE: 4-year degree or equivalent technical degree in Computer Science, Information Security, Information technology or related field. Applicable work experience may be substituted for educational requirements. Candidates should have a minimum of 8 years of experience in a hands-on security operations or engineering role, a minimum of 5 years being in a senior role. Familiarity with NIST CSF, is important. Minimum of CISSP (Certified Information Systems Security Professional) certification required. Additional architecture ISC2 and SANS level certifications desired specifically on incident response.