Sr. Security Operations Manager

15+ years experience  •  Energy / Oil & Gas

Salary depends on experience
Posted on 08/04/17
Miami, FL
15+ years experience
Energy / Oil & Gas
Salary depends on experience
Posted on 08/04/17

Summary of Position:

The Sr. Security Operations manager is a critical member of the Enterprise Security Office. This position will function as the interface between the CSO's strategic and process-based activities and the work of the security engineers, administrators and specialists in the Security Operations Organization. The Sr. Security Operations manager must be able to translate the IT-risk requirements and constraints of the business into technical control requirements and specifications, as well as develop metrics for ongoing performance measurement and reporting. This position will coordinate the technical operation activities to implement and manage securityinfrastructure, and to provide regular status and service-level reports to both IT management and the CSO.

The Sr. Security Operations manager will represent security requirements during IT planning initiatives to ensure security measures are incorporated into strategic plans and that service expectations are clearly defined. This position will also manage the Litigation Support team in support of our legal department facilitating eDiscovery requests, forensics analysis and Incident response support.

  Principal Duties and Responsibilities:

  • Work with IT leadership and the Enterprise Security Office to develop a security operations program and security projects that address identified risks and business security requirements
  • Manage the process of gathering, analyzing and assessing the current and future threatlandscape, as well as providing the IT leadership and CSO with a realistic overview of risks and threats in the enterprise environment
  • Propose changes to existing policies and procedures to ensure operating efficiency and regulatory compliance
  • Manage a staff of information security engineers, administrators, and specialists. Hire and train new staff, conduct performance reviews, and provide leadership and coaching, including technical and personal development programs for team members
  • Assist resource owners and IT staff in understanding and responding to securityaudit failures reported by auditors
  • Manage security production issues and incidents, and participate in problem and change management forums
  • Work with the CSO and IT and business stakeholders to define metrics and reporting strategies that effectively communicate successes and progress of the security operations program
  • Consult with IT and security staff to ensure that security is factored into the evaluation, selection, installation and configuration of hardware and software
  • Assist in the research, evaluation, design, test, recommendation and implementation of new or updated information security hardware or software
  • Work with the enterprise architecture team to ensure that there is a convergence of business, technical and security requirements
  • Manage outsourced vendors that provide information security functions for compliance with contracted service-level agreements
  • Manage and coordinate operational components of incident management, including detection, response and reporting
  • Maintain a knowledgebase comprising a technical reference library, security advisories and alerts, information on security trends and practices
  • Manage the day-to-day activities of threat and vulnerability management, recommend treatment plans and communicate information about residual risk
  • Ensure audit trails, system logs and other monitoring data sources are reviewed periodically and are in compliance with policies and audit requirements
  • Design, coordinate and oversee security testing procedures to verify the security of systems, networks and applications, and manage the remediation of identified risks
  • Manage the Identity and Access Management processes and tools to ensure efficient user and access management practices
  • Respond to requests from auditors during the assessment of audit controls

    Education and Experience Requirements:

  • A minimum of 15year of IT experience, minimum 8years of which need to be in an information security role
  • A minimum of 5 years in a supervisory capacity, preferably in security operations
  • A bachelor's degree in information systems or equivalent work experience; an M.B.A. or M.S. in information security is preferred

  Physical Requirements: 

This is primarily a sedentary office position which requires the Auditor to have the ability to operate computer equipment, speak, hear, bend, stoop, reach, lift, and move and carry up to 25 lbs. Finger dexterity is necessary.

  Additional Requirements:

  • A CISSP or CISM certifications is required
  • C|CISO certification desired
  • Adept at conducting research into project-related issues and products – strong analytics skills
  • Strong technical understanding of network, system, data and application security
  • Strong understanding of operating system internals and network protocols
  • Experience with the principles of cryptography and cryptanalysis
  • Experience in application technologysecurity testing (white box, black box and code review)
  • Experience in system technologysecurity testing (vulnerability scanning and penetration testing)
  • Strong knowledge of security operations concepts, threat and vulnerability management processes and Security Operations Centers (SOC)
  • Extensive security operations, incident response, incident detection, malware detection, and threat response experience
  • Strong leadership skills and the ability to work effectively with business managers, IT engineering and IT operations staff
  • A strong understanding of the business impact of security tools, technologies and policies
  • Experience working with legal, audit and compliance staff.
  • Experience with common information security management frameworks, such as International Standards Organization (ISO) 2700x, NIST-800 series and the IT Infrastructure Library (ITIL)
  • Strong leadership abilities, with the capability to develop and guide information security team members and operations personnel, and work with minimal supervision
  • Experience at working as a leader and collaborator in a team-oriented environment is essential
  • Can conform to shifting priorities, demands and timelines through analytical and problem-solving capabilities
  • Reacts to project adjustments and alterations promptly and efficiently
  • Flexible during times of change
  • Ability to read communication styles of team members who come from a broad spectrum of disciplines
  • Persuasive, encouraging, and motivating
  • Ability to elicit cooperation from a wide variety of sources, including upper management, clients, and other departments
  • Ability to defuse tension among project team, should it arise
  • Ability to bring project to successful completion through organizational dynamics
  • Strong written and oral communication skills
  • Strong interpersonal and operational skill sets
  • Strong customer service skills and focus required
  • Ability to effectively prioritize and execute tasks in a high-pressure environment is crucial
  • Tenacious, driven, energetic and a high degree of professional integrity


This description outlines the basic responsibilities and requirements for the position noted. This is not a comprehensive listing of all job duties of the Associates. Duties, responsibilities and activities may change at any time with or without notice.

Not the right job?
Join Ladders to find it.
With a free Ladders account, you can find the best jobs for you and be found by over 20,0000 recruiters.