Technical Security Manager
Technical Security Manager ? eCommerce
- As a direct report to the Director of Security Engineering, you will have the following responsibilities:
- Lead a team of security engineers to design and build security controls into major areas
- Familiarity with SecDevOps, secure application development, large e-commerce platforms and web services a must.
- Work closely with functional-area architects, engineering, and security specialists to ensure adequate security solutions and controls are in place throughout all IT systems, cloud systems and platforms to mitigate identified risks sufficiently, and to meet business objectives and regulatory requirements.
- Provide security subject matter expertise on cloud control implementation for enterprise-scale projects.
- Serve as a security expert in cloud-based application development, database design, network and/or platform (operating system) efforts, helping project teams comply with enterprise and IT security policies, industry regulations, and best practices.
- Design security configuration standards, procedures, and guidelines for platforms such as baseline security configurations and hardening guides.
- Design and build controls to address security risks and events as identified.
- Define clear, concise, and executable standard operating procedures and documentation for any implemented solutions for formal operational handoff to other groups.
- Identify and propose process improvements and identify opportunities for new processes and procedures to reduce risk.
- Researches, designs, and advocates new technologies and security products that will support security requirements for the enterprise and its customers, business partners, and vendors.
- Contributes to the development and maintenance of the information security strategy.
- Evaluates and develops secure solutions, based on approved security architectures.
- Analyzes business impact and exposure, based on emerging security threats, vulnerabilities and risks.
- Communicates security risks and solutions to business partners and IT staff.
- Embrace a culture of continuous service improvement and service excellence.
- Stay up to date on security industry trends.
- 7 years in Information Security space;
- Strong experience with cloud security strategy, with a passion to make security realistic, achievable and interwoven with the business fabric.
- Strong experience in migrating enterprise companies from traditional data center infrastructure, application and data designs to hybrid or fully-cloud enabled practices.
- Strong experience with security in cloud provider ecosystems such as AWS and Azure.
- Strong experience with product security, product development, dev ops and secure dev ops processes and the ability to integrate into these teams.
- Strong experience with designing security for large e-commerce platforms and web applications.
- Strong experience with a broad range of security technologies, including NextGen Firewalls, DLP, NAC, IDS/ IPS, IdAM, Certificate Management, SIEM, Endpoint Protection, Anti-malware, vulnerability management.
- Strong experience with logging and alerting platforms, including SIEM integration.
- Some experience with relational database platforms such as MSSQL, Oracle and MySQL.
- Some experience with Unix/Linux and Windows system administration.
- Some experience with NoSQL database platforms, including Mongo, Cassandra.
- Some proven ability in security process and organizational design.
- Current understanding of Industry trends and emerging threats; and
- Knowledge of incident response methodologies and technologies.
This job was originally posted as www.jobsite.co.uk/job/959363233