We are seeking a highly skilled Information Security Manager to join our SecOps team. This role is purely operational and involves monitoring security information and event management (SIEM) systems, investigating security events, running vulnerability scans, and supporting the service desk. The ideal candidate will have experience with Microsoft Sentinel, ServiceNow ticketing, Qualys, and ZeroFox.
Major Responsibilities:
Continuously monitor the SIEM to identify and analyze potential security incidents and threats.
Investigate security events escalated from the service desk or managed security service providers (MSSP), determining the root cause and implementing corrective actions.
Run regular vulnerability scans using tools such as Qualys, and work with relevant teams to remediate identified vulnerabilities.
Train the service desk on SecOps processes and procedures to ensure effective initial triage of security events.
Compile and report on operational metrics to provide insights into the security posture and the effectiveness of security controls.
Leverage Microsoft Sentinel for advanced threat detection and response, utilize ServiceNow for efficient ticket management, and employ ZeroFox for social media threat monitoring and protection.
Lead a team of highly capable Security engineering staff who maintain security for system environments.
Ability to mentor and have the capability influencing the group.
Create and drive proactive monitoring and reporting for endpoint and system health including, patching, compliance, and other performance metrics.
Manage vulnerability remediation and incident handling across global resources
Implement new security technologies as required to support a dynamic/challenging business environment
Identify operational opportunities to implement security orchestration and automation capabilities
Support InfoSec-managed tools and enforcement of global security controls
Effectively provide general information security guidance & technology support to the business
Manage on call schedule and incident escalations
Maintain the day to day operations of configuration management platforms including application deployment and settings distribution
Work as the escalation point between various teams for Security related activities.
Drive client and system security model and best practices
Drive business decisions through data using tools like Splunk
Integrate with other internal systems and tools
Manage transition plans for major upgrades or patches
Diagnose and investigate unique and complex systemic problems
Work proficiently with minimal daily guidance and bring mature seasoned skills when working
Evaluate and communicate security risk to a wide and varying audience
Key Working Relationships:
Position Reports to: Director, Security Operations and Enigeering Team
Position directly supervises: One or more analysts
Indirect Reporting: CISO, Senior Director Technology, Operations & Information Security
Other Internal and/or external contacts:
Internal:IT leadership and staff across regions, HQ and Nairobi iHub, global Safety and Security Team, line personnel across all regions, emphasis on International Programs.
External:Participates in sector discussions of IT security-related issues.
Job Requirements:
Education:Bachelor's degree in an information systems-related field required.
Work Experience:3-6 years in IT system design, implementation and operations in a global organization; 1-3 years with IT security systems