*Hybrid, 3 days onsite, 2 days remote*

A prestigious financial company is looking for a Cyber Defense Manager. This manager will lead a team of 3-5 individuals who will investigate threats and vulnerabilities related to digital forensics, incident response, application security, operating systems, networking, etc.

Responsibilities:

• Manage security tools including appliances, hosted systems, and SaaS - including health checks, version updates, and content development.
• Take a lead role in the systems life cycle performing upgrades, implementation of new technologies, and enhancement identification.
• Lead 3-5 employees and contingent labor professional for the cyber systems function within Cyber Defense.
• Manage team effectively in delivery of incident resolution, project tasks, compliance milestones, and systems implementations.
• Manages all members of the Cybersecurity team within Security Services. Assigns personnel to projects, directs their activities, and performs personnel actions (hiring, promotions, terminations, etc.)
• Perform talent management functions across the team, including performance reviews, direct feedback, and other administrative functions as required.
• Lead cyber security incident responders in response activities including investigation, coordination, review, and reporting.
• Oversee technical analysis of security events while coordinating incident response activities with internal and external teams.
• Ensure and directly oversee the collection and preservation of data associated with cyber security incident response activities following industry best practices and established procedures.

Qualifications:

• Minimum three years of information security experience, preferably in the financial services industry.
• Minimum two years hands-on security operations experience including interdisciplinary experience with four or more of the following: Cyber Threat Analysis, Digital Computer Forensics, Incident Response, Application Security, Operating Systems Security, Cryptographic Controls, Networking, Programming languages, Incident Response
• Industry knowledge of leading-edge security technologies and methods working in an on-call response capacity is required including availability for 24 x 7 on-call support responsibilities
• Professional security certifications is a plus (ie, GIAC, CISSP, CISA, CISM, CRISC)
• SIEM solutions
• Experience with Crowdstrike solutions
• Forensic analysis tools (Axiom, EnCase, FTK)
• Malware analysis tools (dynamic and static)
• Secure Web Gateway (BlueCoat, Microsoft Forefront) solutions
• Network sniffers and packet tracing tools (DSS, Ethereal and tcpdump, WireShark).
• Intrusion Detection & Prevention Tools such as SNORT/Sourcefire, Palo Alto, etc.)
• Encryption technologies (PGP, PKI and X.509)
• Hands on experience with network architecture, including network security.
• Hands on experience with Active Directory Security, including scans, best practices and security configuration.
• Hands on experience with Application Security controls including design, dynamic scans, static code analysis.
• Hands on experience with Incident Reponses process, procedures and Tools
• Identity and access management (I&AM) experience with Active Directory, NTFS permissions, LDAP and Single Sign On (SSO) solutions.
• Industry-standard metrics and measurements for SOC effectiveness
• Risk management in the context of the NIST CSF or another industry-standard framework
• Passion for creating tools and automating processes.
• Securing cloud based platforms (Microsoft Azure, Amazon AWS, etc.).