Cyber Threat and Intelligence Manager

Responsibilities Include:

• Drive strategic and operational direction to the team and maintain responsibility for ensuring the maintenance operations and support of complex security products.
  
• Provide leadership & technical expertise of Threat Intelligence Incident Response and Forensics activities in cloud (Azure/M365) and onpremise environments
  
• Ability to advise on technical solutions in alignment with compliance requirements including FedRAMP NIST 800171 CMMC UK Cyber Essentials and ISO 27001.
  
• Manage and refine the security monitoring tools suite including SIEM Endpoint protections IDS Detection and Response (EDR) Email Gateway Application Whitelisting and DLP.
  
• Knowledge of Azure cloud and security technologies including EntraID Defender for Cloud and Secure Score.
  
• Lead and conduct Risk assessments and routine threat hunts of the environment and develop solutions to address issues identified.
  
• Direct and evolve the Vulnerability Management program with experience in infrastructure application (DAST) and code scanning (SAST/SCA/IaC) technologies.
  
• Provide advice and recommendations for system and device hardening and familiarity with common baseline compliance frameworks (e.g. CIS Benchmarks)
  
• Develop security technology roadmaps evaluate new products for varying system architectures and provide cost/benefit analysis in alignment with business objectives.
  
• Manage the physical security and access management of the facilities
  
• Manage incidents advise executive stakeholders and serve as the technical focal point for the Crisis Response Team in response to cyber incidents.
  
• Coach manage and mentor the team members with a strong focus on refining standard operating procedures and documentation.
  
• Coordinate and partner closely with various parts of the business and their management to ensure security integration.
  

Requirements

• 3 years of experience in an IT security technical leadership role providing direction to a team managing people supporting career development team building and conflict resolution.
  
• Demonstrated ability to prioritize coordinate schedule and communicate across the organization.
  
• Excellent interpersonal skills with an ability to convey highly complex topics to technical and nontechnical audiences.
  
• Security Monitoring and Intrusion Detection (e.g. Log correlation and analysis (Splunk/Sentinel) Incident Response Forensics)
  
• Network & Endpoint Security (e.g. IDS Firewalls network access controls proxies SPAM/Phishing Prevention HIPS/HIDS EDR NGAV etc)
  
• Vulnerability Scanning and Remediation Infrastructure Application and Database
  
• Information Security Threat/Risk Assessment
  
• Experience in systems design architecture and requirements development in an Azure cloud and onpremise environments
  
• Demonstrated ability to understand and respond to complex business requirements
  
• Demonstrated ability in strong verbal and written communication skills to interface with technical and business stakeholders
  
• 10 years of IT Security work experience.
  
• Must gain and maintain Trusted Role.
  

Preferred Qualifications:

• Scripting Experience Python PowerShell and Bash are preferred.
  
• Public Key Infrastructure
  
• Data Loss Prevention (DLP)
  
• Identity Federation Technologies (SAML etc.)
  
• Business Continuity and Disaster Recovery planning
  
• SharePoint
  
• IaC technologies including Terraform and Ansible.
  
• Web Application Security.
  
• FedRAMP and CMMC compliance.
  
• Jira and Confluence experience.
  

Education:

• Bachelor Degree from an accredited university in IT related discipline.
  
• CISSP and other technical certifications are a plus.
  

This is a Hybrid position. Must be willing to work onsite and as needed to travel to company locations and/or client locations.

Benefits