The Cyber Security Manager provides vision and leadership for the operation and stewardship of Security technology, personnel, and processes that detect, prevent, and respond to threats to Ferguson’s IT infrastructure and services. This includes managing Tier 1 – 3 Security Operations Center (SOC), Network Security, and CyberThreat Prevention services. Technology platforms include Security Incident Management, Firewalls, DDoS prevention, Wireless Security, Security Information and Event Management (SIEM), Email Security, URL Filtering, Intrusion Prevention, and related systems. Team functions include participation in planning, engineering, implementation, enhancement, operational support, mentoring, and coordination of resources and activities.
This position requires strong partnership with IT, Security, business, and third-party stakeholders, to ensure that Ferguson can execute its business plans.
IT Security Operations and Engineering (50%)
- Provide stewardship of people, process, and technology aspects of all Network Security, CyberThreat Prevention, and SOC services.
- Ensure that all Service Offerings are available and operating reliably.
- Ensure that personnel are cross-trained, to help others to develop and to ensure that there are no coverage gaps in service delivery.
- Establish and maintain good working relationships with all IT, Security, third-party, service consumer, and business stakeholders.
- Ensure that appropriate maintenance, monitoring, automation, and response procedures are in place, to meet Security and availability objectives.
- Ensure that employees and third-party resources conduct operations in a quality manner, in accordance with our ITIL and other documented processes.
- Gather, analyze, and report on service consumption and value delivered to customers, to ensure SLAs are met.
- Understand customer objectives and develop support strategies that map to Service Offerings.
- Ensure that the team operates within established budgets and timelines.
- Actively monitor new and emerging technologies, trends, issues, and solutions and assesses their applicability to Ferguson’s Cyber Security capabilities.
- Contribute requirements to technology selection process.
- Advocate for new/enhanced Security Service Offerings on behalf of Operations and its customers.
- Partner with Security Delivery to ensure that all new Security technology deployments include appropriate support and run-book documentation and that Security Operations team members are fully trained to take responsibility for monitoring, ongoing support, routine engineering, and operation of the new security technology.
- Partner with Security Governance team to monitor and enforce compliance with the organization’s security policies and standards among employees, contractors and third parties responsible for Cyber Security.
- Build and maintain a diverse and high-performing team, through actively recruiting, hiring, training, coaching, developing, and rewarding team members.
- Participate in the Security Ops & Engineering Leadership Team, to ensure reliable service delivery and efficient use of all resources.
- Develop and manage Goals and Development Items for each team member, monitoring progress and supporting successful completion.
- Coach and lead employees and on/off-site contractors / consultants with respect to Ferguson strategic direction for approved Security, Technology, and Business technology initiatives.
- Continuously assess and align core and extended team member skills with strategic Security and Technology direction.
- Develop and maintain critical 3rd-party partnerships to flex Security Operations capacity and skill to meet resource demand.
- Maintain and manage resource forecasting capability to consistently anticipate demand for Cyber Security resources.
- Inform and collaborate with Security Leadership team, regarding resource forecasting, skillset gaps, and other opportunities, to consistently anticipate demand for Cyber Security resources, while meeting SLAs.
- Maintain enterprise-level relationships with Technology Leadership in all Ferguson PLC business units and subsidiaries and partner with local security leads to ensure consistent and quality execution of global Cyber Security responsibilities.
Additional Job Duties and Responsibilities
- Adhere to all policies, rules, regulations, and procedures.
- Perform other duties or functions as requested by management.
- Participate in “on-call” rotation as a technical and functional expert
QUALIFICATIONS AND REQUIREMENTS:
- Six (6) years of experience is preferred to perform at expectation. Applies in-depth advanced knowledge and skills of a specific/specialized technical area with understanding of external environment factors that may affect own specialist area. Provides expert advice, coaching and counseling within discipline/function area.
Technical and Professional Skills
- Ability to organize and prioritize work.
- Ability to effectively communicate in writing.
- Ability to effectively communicate verbally.
- Ability to develop and deliver effective presentations to groups.
- Ability to lead and motivate individuals and teams.
- Ability to efficiently operate computers, tablets and mobile devices.
- Knowledge of Microsoft Office software (Outlook, Word, Excel, PowerPoint, Access, etc.).
- Systems Security Certified Practitioner or Certified Information Systems Security Professional preferred.
- Working understanding of the SDLC and QA lifecycle and methodology preferred.
- Ability to work on cross-functional teams.
- Ability to work with all levels of the organization: Executives to developers.
- Application of logic, reasoning, and problem solving.
- Strong ability to work with time/date deadlines.