IT Security Manager
Summary:
We are seeking a highly motivated and experienced IT Security Manager to lead and enhance our cybersecurity posture. The ideal candidate will have a proven track record of implementing and managing security solutions, developing and enforcing security policies, and collaborating with cross-functional teams. This role requires a strong understanding of security frameworks (e.g., NIST CSF), authentication protocols, incident response, and vendor management.
Responsibilities:
- Lead and manage the transition to modern authentication methods, including Azure AD integration, streamlining authentication paths and improving security.
- Develop, implement, and maintain comprehensive security policies and standards aligned with industry best practices (e.g., NIST CSF).
- Implement and manage cybersecurity awareness training programs to educate employees about phishing and other threats.
- Drive the protection of Operational Technology (OT) environments by collaborating with infrastructure teams to develop secure architectures, including segmentation and access control plans.
- Manage relationships with Managed Security Service Providers (MSSPs) and multiple security vendors for various products and services.
- Develop and maintain documentation for key security processes, including vulnerability and patch management, and incident response procedures.
- Collaborate with infrastructure teams to design and implement secure network architectures supporting microsegmentation and traffic analysis.
- Work with stakeholders to implement robust privileged access management, including separating native and cloud administration accounts and enforcing FIDO2 authentication for privileged roles.
- Administer and manage Privileged Access Management (PAM) solutions (e.g., Delinea/Thycotic, Azure PIM).
- Oversee the implementation and management of email security protocols (DMARC, DKIM) to enhance email security and prevent spoofing.
- Plan and execute incident response tabletop exercises to test and improve incident response capabilities.
- Manage Public Key Infrastructure (PKI), including Microsoft and Sectigo certificate solutions.
- Conduct risk and cost analysis to optimize security toolsets and improve team performance.
- Contribute to cost optimization initiatives related to software licensing and security tool rationalization.
Qualifications:
- Proven experience in IT security management, with a focus on implementing and managing security solutions.
- Strong understanding of security frameworks (e.g., NIST CSF), authentication protocols (e.g., Azure AD, ADFS), and incident response methodologies.
- Experience managing MSSP and vendor relationships.
- Experience with privileged access management (PAM) solutions.
- Knowledge of network security concepts, including segmentation and traffic analysis.
- Experience with email security protocols (DMARC, DKIM).
- Experience managing PKI.
- Excellent communication, collaboration, and problem-solving skills.
- Ability to work independently and as part of a team.
#10608