Cybersecurity Manager

December 13


Description

• A highly motivated Cybersecurity Manager within the Cyber Security Operations Center (CSOC) with expertise in Security Information and Event Management (SIEM).
• This role involves monitoring, analyzing, and responding to security threats and incidents, while also managing relationships with Managed Detection and Response (MDR) partners.
• The goal is to ensure alignment with our security objectives, service level agreements (SLAs), and compliance requirements.
• Lead and mentor a team of security analysts, providing guidance and support.
• Define and implement processes for collaboration between the in-house CSOC team and the MDR provider.
• Prepare and present regular reports on security incidents, trends, and performance metrics.
• Provide recommendations for improvements based on analysis of security incidents and trends.
• Collaborate with Managed Detection and Response providers.
• Monitor MDR activities to ensure compliance with SLAs and contractual obligations.
• Evaluate reports, alerts, and threat intelligence provided by MDRs for accuracy and relevance.
• Lead the investigation of complex security incidents, including data breaches, malware infections, and unauthorized access.
• Perform detailed forensic analysis of compromised systems and networks.
• Document and report on security incidents, findings, and recommendations.
• Gather, analyze, and disseminate threat intelligence from multiple sources (e.g., open-source, commercial feeds, ISACs).
• Conduct threat hunting activities to proactively identify security risks and vulnerabilities.

Requirements

• Bachelor's degree in Computer Science, Information Security, or a related field; advanced degree preferred.
• Minimum of 5-8 years of experience in a SOC or CSOC role with a focus on SIEM, incident response, SOAR, and threat intelligence.
• Professional certifications such as CISSP, CISM, GIAC (GCIH, GCIA, GCFA), CEH, or similar.
• Experience with cloud security platforms and technologies (AWS and Azure).
• Familiarity with scripting and programming languages (e.g., Python, PowerShell).
• Knowledge of cloud identity provider (IdP) solutions (e.g., SailPoint, Okta, Azure).
• Experience with large-scale and complex incidents of all types, including APT, DDoS, ransomware, web/mobile compromise, account compromise, and data disclosures.
• Experience in network intrusion detection, including experience using common network monitoring tools (IDS, IPS, SIEM, and syslog).
• Understanding of common network vulnerabilities and penetration testing tools, including but not limited to Metasploit, Qualys, Nessus, and Nmap.
• Ability to analyze logs, correlate events, and identify indicators of threat activity via SIEM tools such as Sumo Logic.
• Knowledge of EDR tools and triage investigation (e.g., CrowdStrike).
• Knowledge of email security, phishing/malware email analysis, and data loss prevention.
• Demonstrated ability to perform independent analysis of complex problems and distill relevant findings and root causes.
• A broad and deep understanding of cyber-security threats, vulnerabilities, controls, and remediation strategies in global enterprise environments.
• Knowledge of technologies, systems, and networks, as well as typical gaps that could impact an organization's ability to effectively detect and respond to cyber attacks.
• Demonstrated knowledge of common adversary tactics, techniques, and procedures (TTPs).
• Strong foundational knowledge in information technology, including hardware, networking, architecture, protocols, file systems, and operating systems.
• Use of host and network forensic methods and tools.
• Application of threat intelligence in incident response and forensic investigations.
• Malware analysis and comprehension of attack methodologies.
• Navigating and querying enterprise logging solutions to extract and manipulate data.
• Analyzing network, host, and user activity data to detect irregularities.
• Excellent analytical, problem-solving, and decision-making skills.
• Strong written and verbal communication skills.
• Ability to work in a fast-paced, high-pressure environment and manage multiple priorities effectively.

Benefits

• Benefits package for all eligible full-time employees (including medical, vision, and dental).
• An amazing employee discount.
