Information Security Monitoring Manager

National Headquarters – Irvine, CA
General Summary
This management-level position will lead the security monitoring capabilities within the Information Security Team and will collaborate closely with the Security Engineering component. The successful candidate will be responsible for establishing and managing various monitoring and analytical programs to mitigate overall cyber risks to the enterprise. The role will manage programs around security event monitoring, incident management, insider misuse, trend analysis, and cyber security threats. Excellence is an expectation, and strong teamwork, communications, leadership, and agility are critical success factors.
Duties and Responsibilities
1. Implement a Data Loss Prevention (DLP) solution to monitor, identify and protect electronic data as it moves through the organization. Define policy/rules for the DLP solution and refine them as the DLP strategy matures. Develop incident response workflow to address incidents raised through DLP. Analyze reports from DLP and provide metrics to management.
2. Implement a security information and event management (SIEM) solution to log, collect, centralize, correlate and analyze security events across network appliances, servers, computers, databases and applications to detect internal misuse, external intrusion and threats.
3. Implement a cyber risk management program to include threat intelligence, cyber intelligence, and business reputation intelligence.
4. Develop a cross-functional Incident Management Process to monitor, detect, assess, escalate, contain, communicate and mitigate potential security events. Regularly update Incident Management Response plans and perform response drills to ensure the business and supporting response teams are aligned with their roles and responsibilities.
5. Perform all other duties as assigned.

Knowledge and Skills
• Knowledge of network security, cloud security, intrusion detection and analysis, cyber defense, vulnerability and threat assessments.
• Knowledge of information security event management collection, analysis, and response.
• Knowledge of incident management plans.
• Knowledge of Access Controls, Directory Services, LAN infrastructure and technical standards.
• Knowledge of system and network forensic best practices.
• Knowledge of firewalls and firewall architecture.
• Knowledge of network and host-based intrusion detection systems and architecture.
• Knowledge of secure application development and database security.
• Working understanding of the OSI Model, TCP/IP and network security protocols.
• Knowledge of secure application development principles, commonly exploited vulnerabilities and applications, and exploitation techniques.
• Ability to analyze and resolve problems in a fast-paced, dynamic business environment. Good organizational skills and agility to handle multiple priorities.
• Strong verbal and written communication skills.

Education and Experience
• Must: 5 years of progressive experience in information security.
• Must: 8 years of progressive experience in an information security / information technology domain.
• Must: BS degree in information security-related field or demonstrable subject matter expertise.
• Prefer: CISSP, CISM, CISA, ITIL, or other related information security certification.
