Senior Manager, Security Operations
A+E NetworksNew York, NY
Full Time Job
THE ROLE: Senior Manager, Security Operations
Cyber Security is a growing team of security professionals, charged with the protection of technologies, data, and content across the global enterprise. We leverage internal resources as well as a Managed Security Services Provider (MSSP) to perform security operations globally. We support the company's media supply chain, as well as its corporate user base, and everything in between. Cyber security is part of every technology project, and at the forefront of all of A+E's Global Technology and Operations initiatives.
This team is at the onset of implementing and standardizing new tools and processes, transforming how we monitor and protect our corporate assets. We partner with the Operations, Infrastructure, Engineering, and other teams to ensure security events are analyzed, and incidents are quickly responded to and remediated. This position will interact regularly with these teams, and own the relationship with the MSSP, to ensure any new systems or processes are operational and continuously monitored.
You will partner with other technology leaders to make sure we are delivering best-in-class solutions that to reduce the company's risk level and improve its incident response times. You should be able to work autonomously to manage your projects and improve our response plans and processes. As the Senior Manager, Security Operations, we'll trust you to:
MORE ABOUT WHAT YOU'LL DO:
• Have overall responsibility for managing and building a global security operations capability, to ensure all A+E systems, employees, and data are protected.
• Lead security-related projects from inception to successful completion. Coaching other technology staff on appropriate security requirements as they implement new technology into the organization.
• Recommend new solutions and make improvements to existing security controls that support and enable business innovation.
• Lead the Technical Security Incident Response Team and participate as a member of Change Management Team.
• Participate in technical projects requiring Cybersecurity oversight and ensure policies, procedures and standards are met.
• Benchmark, analyze, and make recommendations for the improvement and growth of A+E's technology and security operations and services.
• Implement and use technologies related to discovery, reporting, and control of confidential data in on-premises files shares, Microsoft Office 365, internet file storage facilities, and Amazon AWS storage environments. (AWS Macie, Varonis, etc.)
• Partner with the Cloud Architecture and Technical Operations teams to ensure proper auditing, logging, and monitoring controls are implemented in A+E's Amazon AWS and Microsoft Azure infrastructures, and that they are accessible and actionable as part of the security operations capability. (AWS Guard Duty, Cloud Trail, Cylance, etc.)
• Implement other technical security analytics and detective systems and monitor them for unusual and suspicious activity across a wide range of products.
• Conduct independent verification and validation testing of A+Es technology infrastructure to identify security gaps and weaknesses.
• Develop and recommend necessary changes to the technology environment to ensure systems are compliant with regulatory requirements and privacy laws.
• Stay abreast of the security industry threat landscape, specifically within the Media and Entertainment industry, and brief the technology management team on current intelligence.
• Assist with security configuration standards for systems and business applications.
• Be a change agent and drive the department and business forward using effective management, analysis and strategic skills.
WHAT YOU'LL LEARN:
On our team, you'll have the opportunity to innovate. You'll have an opportunity to assess, recommend & lead the implementation of the latest security technologies. In addition, you'll be able to work with a strong team of technologists and engineers that deeply care for our business and are eager to push the envelope wherever possible. Finally, you will have a unique opportunity to be part of some major initiatives to revamp and transform our security ecosystem, using things like Machine Learning technologies, Security Analytics platforms, User and Entity Behavior Analytics (UEBA) platforms, and pushing our data and systems to a more cloud centric environment.
YOUR STORY: [+BEHAVIORS] (what you need to have)
• Bachelor's degree in computer science, information assurance, MIS or related field, or equivalent work experience.
• At least 5-7 years of cyber security experience.
• At least 3 years in a leadership role.
• Expertise in incident response and system monitoring and analysis.
• Expertise leading investigations and coordinating security response team activities.
• Experience with security frameworks and privacy compliance requirements (ISO 27001, NIST CSF, GDPR, etc.).
• Experience in conducting risk assessments that protect the business and adhere with compliance and privacy laws.
• Knowledge of multiple computing platforms, including Network, Windows, OSX, Linux, Unix, etc.
• Expertise using Security Correlation and Analytics platforms like Splunk, ArcSight and the like.
• Expertise deploying and maintaining endpoint security products like Cylance, Carbon Black, CrowdStrike, etc.
• Experience with User Behavioral Analytics platforms, like Vaornis, and using them for analysis of inappropriate file accesses, and file and drive permissions.
• Experience investigating general tickets assigned to the security queue and responding to level 2 and 3 alert escalations from the Security Operations Center.
• Experience with vulnerability management and penetration testing engagements.
• Demonstrate solid organizational skills and the ability to multi-task, prioritize workload and delegate responsibilities.
• Demonstrate excellent judgment and the ability to make quick decisions in the heat of the moment when security incidents are taking place.
• Possess a high level of integrity, trustworthiness and confidence, and represent the A+E and the Cybersecurity team at the highest level of professionalism.
• Works effectively with a variety of personalities and can adapt your approach to effectively reach and develop technology team members. Use this skill as well as your functional knowledge to both earn and maintain a high level of credibility with the team.
• Highly effective communications skills with the ability to influence other technical experts, and the ability to explain complex security topics to the layperson.
• Acts with integrity, takes pride in w
A E's Technology team is deep-rooted in the heart of our business. We have great people and great technologies, and together we take on the toughest challenges. As innovators, we choose to iterate, pivot, and adapt quickly. We've reinvented the way A E leverages technology to produce and sell world-class content. We've modernized our core solutions and embraced a cloud first approach. Perched on the virtues of our ''Technology Code'', we make technology better, create solutions together, and most of all, we have fun with it. Our team members are motivated individuals who help each other do remarkable things every day. Together we deliver best-in-class solutions that transform the way A E works. If this sounds like something you want to be a part of, we want to hear from you!