Job Location: New York, NY, USA
Information Security Manager New York NY
Job ID: 19954
The Manager of Information Security is responsible for the leadership and development of the Global Information Security program.
Lead and Manage Engineering Team: Oversee a high-performing team of security engineers, driving the execution of security projects, incident response, and vulnerability management across systems and applications.
Hands-on Technical Leadership: Directly engage in hands-on engineering tasks, including designing, implementing, and reviewing security architectures, tools, and systems to mitigate risk and strengthen infrastructure.
Security System Development and Implementation: Take ownership of developing and deploying security solutions, including firewalls, intrusion detection systems, encryption technologies, and access control mechanisms.
Threat Hunting and Vulnerability Management: Lead proactive threat hunting efforts and oversee vulnerability scanning, assessment, and remediation to identify and address security gaps before they impact the organization.
Engineering Team Development: Cultivate and nurture a highly skilled security engineering team by mentoring, conducting knowledge sharing sessions, and promoting a culture of continuous improvement.
Incident Response and Root Cause Analysis: Lead the technical response to security incidents, ensuring effective identification, containment, and resolution of threats, while conducting root cause analysis for long-term mitigation.
Security Automation and Tooling: Drive the development and integration of automation solutions to improve the efficiency and effectiveness of security operations, including SIEM tools, incident management, and threat detection systems.
Collaboration on Product Security: Partner with development teams to embed security in the software development lifecycle (SDLC), ensuring secure coding practices, conducting code reviews, and supporting secure application deployment.
Security Architecture and Design Reviews: Conduct regular security reviews of system architectures and designs, ensuring that new projects and features adhere to security best practices and organizational objectives.
Qualifications:
• Minimum 10+ years of experience in Information Security, with experience in enterprise-scale threat management programs such as threat hunting, incident response, and forensics.
• Hands-on experience in designing and implementing technical solutions of IT Security tools at the enterprise level – e.g. Endpoint Security, Network Security, SIEM modeling, Vulnerability Management, etc.
• Demonstrated hands-on experience in the full cycle of incident response and post-incident activities – including prevention steps and building detection alerts.
• Experience working with cyber threat intelligence and the MITRE ATT&CK framework.
• Experience with SIEM technologies, including administration and analyst operation of SIEM within SOC functionality.
• Ability to parse logs, create queries, and perform root cause analysis of events.
• Understanding of malware, emerging threats, attacks, and vulnerability management.
• Working experience with various security control technologies, such as IDS/IPS, Network and Host-based firewalls, DLP (Data Leakage Protection), encryption solutions, and endpoint security.
• Knowledge of networking components, various operating systems, and cloud environments, and an understanding of their security principles and technologies.
• Excellent communication, troubleshooting, and analytical thinking skills; being self-driven, able to multi-task, able to work collaboratively in a team environment, and willing to adapt to change in a dynamic, global environment are critical.
• Participate in a 24×7 Incident Response Team and be available to work evenings and weekends as needed.
• Hands-on experience with cloud platform security (AWS, Azure) a plus.
• Programming / scripting experience with Python, PowerShell, etc. a plus.
• Bachelor's Degree and current industry Certifications (must be current):
Required:
• Certified Information System Security Professional – CISSP
Nice to have:
• SANS: GIAC, GNFA, GCFA, GPEN, GCDA, GCIH, etc.
• Certified Ethical Hacker – CEH
• Cisco Certified Network Associate – CCNA
• Cisco Information Security Specialist (CQS)
• Cisco Certified Firewall Specialist – CQS
• Cisco IPS Specialist (CQS)
If interested, please send your resume to Todd Grossman at: [email protected]