Information Security Engineering Manager

POSITION SUMMARY

The Information Security Engineering Manager  will manage a team of administrators, analysts and engineers responsible for deploying and maintaining processes and tools to secure the organization's systems and information assets. This position will specifically participate in managing areas such as network security, endpoint security, email security, cloud security, application security, vulnerability management, and other areas of security.

This manager should be well rounded with a strong cyber security background and have advanced technical skills in information technology and cyber security tools and practices as this manager will be working hands-on with various tools and technologies. The manager will lead a team participating in on-call rotation and will be responsible for developing employees and technology processes and operations to reduce internal, external, and third-party risk.

ESSENTIAL DUTIES AND RESPONSIBILITIES:

The following job functions are not all-inclusive. The employee will be required to perform other job-related tasks/responsibilities as requested. Job duties may change as required by needs of company.

· Manage, mentor, and lead a team of IT security engineers to maintain a strong, secure environment while delivering the best efficiency and up-time of networks and endpoints

· Manage an on-call rotation and serve as an escalation contact for on-call engineers during and after regular business hours.

· Manage tools, processes and procedures in the areas of network security, endpoint security, email security, cloud security, application security, and vulnerability management

· Provide leadership, direction, and hands-on work for a wide range of security technologies including, but not limited to: EDR, IPS, NIDS, Firewall, Remote Access, Zero Trust Network Access, Database, Application Security Testing, Penetration Testing, Vulnerability Scanning, Secure Email Gateway, CSPM and CNAPP

· Support on prem data centers as well as cloud security in IaaS, PaaS, and SaaS cloud delivery models

· Create and maintain security documentation, diagrams, policies, and procedures

· Perform any additional tasks required to support IT and Security control objectives, business objectives, IT projects, and others

· Implement, coordinate, and manage remedial measures for system security events, incidents, and vulnerabilities to ensure timely resolution and minimize risk exposure

· Assist in IT Security exercises, audits, and third-party reviews

· Provide informative and actionable security metrics to demonstrate the efficacy of tools and technologies, delivering monthly and quarterly reports to leadership to support strategic decision making and continuous improvement.

· Keep abreast of industry security trends and current systems threat profiles

SKILLS/KNOWLEDGE/ABILITIES:

Required Experience:

· BA/BS in Computer Science, Computer Engineering, Information Systems, or equivalent experience

· 7-10+ years in Information security with 3-5+ years of experience managing people or in a technical leadership role

· Experience in network security, endpoint security, application security, cloud security, email security and vulnerability management

· Demonstrated ability to set priorities, delegate work, conduct performance reviews, and mentor engineers at varying skill levels

· Experience managing multiple simultaneous projects.

· Experience building and scaling security engineering programs in highly regulated environments, preferably Financial Services or similar

Knowledge and Skills Required:

· Strong research and trouble-shooting skills

· Strong verbal and written communication skills

· Knowledge of methods to secure systems, databases and applications

· Broad understanding of current information security technologies, security industry trends, etc.

· Quick learner, adaptable, flexible, customer service oriented, a team player, and always closes the loop with the customer

CERTIFICATIONS, LICENSES, and/or REGISTRATION

· Preferred: the following licenses or certificates are preferred: CISSP, CISM, CISA, CEH, CSSLP, CHFI, CCSP, GCIH, GCIA, ITIL v3, MCP, CompTIA A+, CompTIA Network+; CompTIA Security +, AWS, Azure

LOCATION & COMPENSATION:

· This role is fully remote, preference of EST working hours.

PHYSICAL DEMANDS and WORK ENVIRONMENT

The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodation may be made to enable individuals with disabilities to perform the essential functions.

While performing the duties of this job, the employee is regularly required to sit and use hands to handle, touch or feel objects, tools, or controls. The employee frequently is required to talk and hear. The noise level in the work environment is usually moderate. The employee is occasionally required to stand; walk; reach with hands and arms. The employee is rarely required to stoop, kneel, crouch, or crawl. The employee must regularly lift and/or move up to 10 pounds. Specific vision abilities required by this job include close vision, color vision, and the ability to adjust focus.

EEOC

Bayview Asset Management is an Equal Employment Opportunity employer. All aspects of consideration for employment and employment with the Company are governed on the basis of merit, competence and qualifications without regard to race, color, religion, sex, national origin, age, disability, veteran status, sexual orientation, or any other category protected by federal, state, or local law.