Job Purpose & Overview
Do you have a strong understanding of information security SOC operations and technologies? Have you built lasting relationships with business owners and vendors? Appfire is looking for a creative problem-solver and a self-starter to join our Information Security team. The Senior Manger, SecOps will handle diverse security-related tasks and issues for our rapidly growing company, including managing risk through a shared vision with Appfire’s business leaders.
You’ll work closely with our CISO and security operations center (SOC) team to manage diverse security operations tasks for our rapidly growing company, with a focus on people, practices, systems, and metrics. You’ll be asked to keep up with the latest industry requirements and will assist in threat intelligence monitoring, monitoring, and responding to security events and incidents. Additionally, you’ll be responsible for ensuring the conduct regular of security testing and monitoring to comply with Appfire policy, as well as provide ISO 27001 and other audit support. If you’re a highly organized, detail-oriented expert communicator with SOC technology experience, let’s chat!
The Senior Manager, SecOps will manage information security risk, through shared vision with the CISO and business leaders, by the development, implementation, and administration of comprehensive information security operations program(s) as well as integration practices for any ongoing and future mergers and acquisitions. This includes reviewing any significant changes within the Appfire organization and ensuring proper alignment with information security practices.
The Senior Manager, SecOps, will also coordinate with the CISO and key stakeholders to align information security practices against applicable regulations, laws, standards, and guidelines in a security operations role. This includes supporting incident management, security monitoring, security awareness, ISO, and SOC 2 audits, and aligning with NIST and other security operations standards.
The Senior Manager, SecOps will also lead the SecOps team to ensure compliance with security operations policies and standards within the IT Operations and Product Engineering environments. The Security Operations team will report to this position.
Coordination of efforts with security engineering and security governance, risk, and compliance team efforts will be an important to ensure success.
The Senior Manager, SecOps, will engage in professional development to maintain continual growth in professional skills and knowledge essential to the position and will act as a backup to the CISO.
What You Will Do
- Define and manage the company’s information security operations program, including policies, processes, and systems to protect company assets, including intellectual property, data, the company’s reputation, and mergers and acquisitions.
- Identify and recommend potential areas where existing data security practices require change, to mitigate key security risks.
- Partner with various business areas to enhance security practices.
- Use a sound foundation in key technologies including servers, networking, operating systems, databases, SaaS, and cloud-based services to allow for effective management of evaluations and recommendations for securing and monitoring these systems.
- Facilitate internal and external penetration testing and audit participation, where applicable.
- Respond to security incidents and events to protect customers and Appfire data and systems.
- Mange SOC operationalization and operations functions
- Mange enterprise incident response and threat hunting
- Support network and host digital forensics
- Perform SIEM event monitoring and security event response functions.
- Lead in the identification and implementation of security operations tools and processes.
- Identify security control gaps and assist in control remediation.
- Work on the coordination and facilitation of Appfire’s security governance goals and initiatives
- Provide support and act as key stakeholder for regulatory and compliance initiatives (e.g., ISO 27001, SOC2, GDPR, etc.).
- Develop control key performance indictors (KPI) to ensure compliance-related controls are operating to an acceptable tolerance level.
- Assist in implementing integration plans for Appfire acquisitions.
- Evaluate and recommend SOC related technologies and solutions for future implementation.
- Handle sensitive and/or confidential material and information with suitable discretion.
What We Would Like to See
- A minimum of 8 years of experience in information security focused positions.
- Bachelor’s Degree in Computer Science, Information Security, Engineering, related curriculum, or equivalent experience.
- Knowledge of common Information Security frameworks such as CIS, ISO 27001 & SOC 2 a plus.
- Knowledge of security operations tools such as SIEMs, centralized logging systems, EDR, email security gateways, incident tracking systems, ticketing systems.
- Prior experience with cloud-based security tools, technologies, and controls a plus (e.g, Amazon AWS, Azure, Heroku, GCP)
- Ability to work effectively within a fast paced, changing environment that is going through high growth.
- A self-starter with the demonstrated ability to take initiative, who can proactively identify issues/opportunities and recommend actions.
- Strategic analysis, creative problem solving, and business judgment are required.
- Excellent interpersonal and communication skills
- CISA, CISM, CISSP, CEH, CRTP or similar security focused certifications is a plus.
What We Offer
- Every Appfire employee is eligible for company equity
- 10 paid holidays + Flexible PTO – no set number of days that you must take in a year
- 100% company-paid health insurance
- 50/50 split dental and vision insurance
- Flexible Spending Accounts
- Mobile phone and Internet stipend
- 401(k) Matching Component
- Citizenship: Not Provided
- Incentives: Not Provided
- Education: Not Provided
- Travel: Not Provided
- Telework: Not Provided