
Manager, Information Security

Bldg Svc 32 B-J
Full-time
On-site
New York, New York, United States
$150,000 - $160,000 USD yearly
Cybersecurity


 

Job Title:           Manager, Information Security

Grade:              TBD

Department:      Information Technology

Reports To:       Senior Manager, IT Infrastructure

FLSA Status:     Exempt (Management)

 

 

Summary: The Manager, Information Security will be responsible for the strategic leadership, execution, and continuous improvement of the organization’s information security program designed to protect the Funds’ systems, networks, and data. This role will provide critical oversight of security operations, develop and maintain policies and frameworks, and mentor members of the Information Security team. The Manager will be responsible for managing the risk register, defining and implementing Incident Response Plans and frameworks to improve Mean Time to Detect (MTTD) and Mean Time to Respond (MTTR), and ensuring that the Information Security Policy Manual and Business Continuity Plan address the evolving threat landscape and compliance requirements. The successful candidate will be a hands-on leader, well-versed in both operational security and governance, and capable of building a scalable, resilient information security team aligned with the Funds’ broader IT strategy.

 

 

Essential Duties and Responsibilities: 

  • Leads and manages the IT Security Operations team, including Information Security Analysts, Engineers, and Incident Responders.
  • Provides guidance and expertise in the field of risk management regarding the protection and security of digital assets in the cloud and on-premises.
  • Designs and develops Information Security architectures to prevent unauthorized access to our systems, networks, data, and information.
  • Develops, maintains, enhances, and implements information security policies and procedures, including the Information Security Policy Manual, Incident Response plans, playbooks, runbooks, and the Business Continuity Plan documents, on a regular basis as changes occur.
  • Coordinates and performs business continuity planning and incident response exercises on an annual basis within IT and with business champions.  Coordinates and leads response efforts during security incidents.
  • Manages, maintains, and monitors security technologies such as vulnerability scanning solutions, IDS/IPS, anti-virus technologies, DLP capabilities, SIEM technologies, EDR, host forensics and malware analysis, core and web application firewalls, network security groups, threat intel platforms, and proxy solutions.
  • Oversees and collaborates with our Security Operations Center (SOC) provider to review threat alerts and reports, and ensures the team follows up on all actionable information.
  • Receives guidance and collaborates with our vCISO to manage all security initiatives, risk mitigation plans, annual assessments, security audits, and penetration testing activities. 
  • Manages real-time threat detection technologies to identify and quarantine threats, monitors endpoint security alerts, and takes corrective action.
  • Minimizes security threats by examining governance, technology infrastructure, and facilities to identify security deficiencies, using risk analysis and following up with corrective action plans.
  • Monitors internal control systems to ensure appropriate access levels are maintained; protects against unauthorized system access, modification, and destruction.
  • Reviews security related reports, logs and occurrences; escalates issues and initiates security response procedures. 
  • Creates and reviews vulnerability reports, tracks compliance with vulnerability management policies, and escalates.
  • Researches and evaluates emerging technologies and the latest cybersecurity threats, trends, tools, and best practices in support of security technology enhancements applicable to the organization’s environment; proposes technical solutions to management to address security weaknesses; and coordinates with relevant stakeholders to implement them.
  • Reviews, updates, and enforces data security practices within the organization; tests for exposures to ensure adherence to relevant regulations and frameworks (e.g., NIST, ISO 27001, PCI-DSS, HIPAA) and procedures and works with platform experts to implement remedial measures as appropriate.
  • Tests security controls and manages the associated remediation of any deficiencies as needed.
  • Assesses security information, triages and responds to security events, identifies false positives, and conducts correlation analysis across numerous internal and external data sources while prioritizing information security incidents.
  • Performs project management tasks for security initiatives and projects.
  • Manages incident-handling processes, which include implementation of containment, protection, and remediation activities.
  • Supports information security training and awareness by providing ideas and content and collaborates with the Training and Development department with updates to employee security awareness education and training.
  • Manages multiple priorities and deadlines concurrently.
  • Provides support after hours, on weekends, and through on-call rotation.
  • Performs other duties as assigned.

 

Qualifications:

 

 To perform this job successfully, an individual must be able to perform each essential duty satisfactorily.  The requirements listed below are representative of the knowledge, skill, and/or ability required.  

 

  • 7+ years in Information Security, or IT Operations management and systems administration, with at least 5 years specific to IT Security and at least 2 years managing IT Security staff.
  • Strong knowledge of Information Security design, principles, and processes; experience in writing and maintaining information security policies, standards, and guidelines.
  • Incident response experience is required; in-depth knowledge of Windows/Unix operating system forensics, event logging systems, authentication methods, remote and local web application security, and penetration testing.
  • Advanced experience in networking (TCP/IP) protocols, DNS, LDAP, AD, DHCP, HTTP, web browsers, firewalls, and other computer/network and application security and system administration.
  • Demonstrated ability to monitor and audit network security systems such as Firewalls, IPS, SIEM, DLP, web proxy, NAC, and Vulnerability Scanners.
  • Hands-on experience with mitigating security controls (e.g., IAM, RBAC, anti-virus, IPS/IDS, DLP, web and network proxies, URL content filtering, multi-factor authentication, SSL VPNs).
  • Familiar with regulatory compliance requirements (PCI, PII, HIPAA, GDPR, etc.).
  • Strong knowledge of common security frameworks (ISO, NIST, etc.).
  • Experience in risk assessments and vulnerability management.
  • General knowledge of Endpoint protection solutions.
  • Knowledge of mainstream operating systems (Microsoft Windows, Linux, IOS) and a wide range of security technologies.
  • Microsoft Azure DevOps security design, implementation, and automation experience is a plus.
  • General knowledge of database technologies and queries (Microsoft SQL, MySQL, Oracle, etc.) is a plus.
  • Ability to independently identify, research, and resolve issues with a minimal amount of supervision, and ability to work with peers in a team effort.

 

Interpersonal Skills:

  • Detail-oriented with excellent communication, organization, and analytical skills.
  • Ability to plan, take initiative to accomplish objectives in a timely fashion, and work independently.
  • Ability to prioritize work and meet deadlines.
  • Ability to establish and maintain effective working relationships with project team members, supervisors, and other employees.

 

Education and/or Experience: Bachelor’s Degree in Computer Science, or a related discipline.

Language Skills: Speak, read, write, and understand English.

Reasoning Ability: High

Certificates, Licenses, Registrations: CISM (Certified Information Security Manager), CISSP (Certified Information Systems Security Professional), or CISA (Certified Information Systems Auditor) certification is highly preferred.

 

Physical Demands: The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job.  Reasonable accommodations may be made to enable individuals to perform the essential functions.

  • Under 1/3 of the time: Standing, Walking, Climbing or Balancing, Stooping, Kneeling, Crouching, or Crawling
  • 1/2 to 2/3 of the time: Sitting, Reaching with Hands & Arms
  • Over 2/3 of the time: Talking or Hearing
  • 100% of the time: Using Hands

 

Work Environment: The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job.  Reasonable accommodation may be made to enable individuals with disabilities to perform the essential functions.

  • 1/3 to 2/3 of the time:  Work near moving or mechanical parts, exposure to radiation, moderate noise.