Manager, Cybersecurity Threat Management

Overview

We are seeking a highly skilled and experienced Technical Manager to join our team. The ideal candidate will possess a deep understanding of cybersecurity threats, incident response, and advanced security technologies. You will be responsible for monitoring, analyzing, and responding to security incidents, as well as implementing proactive security measures to protect our organization's critical assets. As the lead Technical Manager, you will be the point of escalation for any incident related to Cyber Security Threat Management.

Responsibilities

• Threat Hunting and Detection:
• Proactively search for advanced threats and indicators of compromise (IOCs) within the network environment.
• Develop and implement advanced threat hunting strategies and techniques.
• Analyze security events and logs to identify potential security incidents.
• Incident Response:
• Conduct in-depth investigations of security incidents.
• Develop and implement incident response plans and procedures.
• Coordinate with other teams to contain and mitigate security incidents.
• Perform forensic analysis to gather evidence for incident investigations.
• Security Monitoring:
• Monitor security systems and tools for anomalies and suspicious activities.
• Analyze security alerts and generate actionable intelligence.
• Tune security systems to optimize performance and reduce false positives.
• Security Automation:
• Develop and implement automation scripts to improve efficiency and reduce manual tasks.
• Automate security processes and workflows.
• Threat Intelligence:
• Stay up-to-date on the latest cybersecurity threats and trends.
• Analyze threat intelligence to identify potential risks to the organization.
• Share threat intelligence with the security team.
• Security Tool Management:
• Manage and maintain security tools and technologies.
• Evaluate and recommend new security tools.
• Other Responsibilities:
• Mentorship to L1/L2 Analyst
• Creation of Security Report and Threat Landscape.
• Updating of the Playbook and Documention on per need basis.

Qualifications

• Bachelor's degree in Computer Science, Information Technology, or a related field.
• Minimum of 5 years of experience in security operations or a related field.
• Strong understanding of network protocols, operating systems, and security architectures.
• Expertise in security technologies such as firewalls, intrusion detection systems, intrusion prevention systems, endpoint protection, and SIEM.
• Proficiency in scripting languages (Python, PowerShell, etc.) for automation.
• Strong understanding of SANS PICERL or NIST Incident Response procedure.
• Strong analytical and problem-solving skills.
• Excellent communication and interpersonal skills.
• Ability to work independently and as part of a team.
• Certifications such as CISSP, CISA, or SANS certifications are preferred.

Additional Requirements

• Experience with cloud security platforms (AWS, Azure, GCP).
• Knowledge of threat intelligence platforms and data sources.
• Experience with security incident and event management (SIEM) tools.
• Familiarity with security orchestration, automation, and response (SOAR) platforms.