The Manager of Enterprise Security is responsible for the establishment and management of security incidents and policies. This position will need to adapt to changing security threats and regulations while working with a team to suppress and alleviate breaches. They will manage an incident response analyst team, creating standards, processes, and policies for log monitoring and responding to incidents. They will also lead forensic investigations and document the results.

Essential Functions and Responsibilities

  • Develops and manages an enterprise-wide incident response program
  • Plans, organizes and executes processes to restore normal service operation as quickly as possible to minimize impact to service operations
  • Manages a team of engineers assigned to Enterprise Security
  • Develops and manages SIEM rules, reports, and logging
  • Works with application owners and vendors to configure custom logs and alerting, such as for brute force attacks against Mobile (i.e., working on logs/alerting/rules/reporting for systems outside of the primary SIEM solution)
  • Analyzes and takes action on phishing emails/calls/texts to employees and members
  • Develops rules and monitors procedures for IDS/IPS/NexGen firewall and next generation malware protection
  • Develops and manages incident response training sessions
  • Acts as an escalation point and communicates with senior and executive leadership during major incidents and outages (including active participation and leadership in troubleshooting, diagnosis and resolution)
  • Performs post-mortem processes and reviews, creating a culture of curiosity surrounding events that impact global operations
  • Monitors and tests fixes to ensure problems have been adequately resolved
  • Maintains and updates the corporate incident response plan
  • Manages security forensic activities on potentially compromised systems and unauthorized changes to production configurations
  • Manages the chain of custody for all evidence collected during incidents and security investigations
  • Analyzes performance of incident management activities and documented resolutions, identifies problems, and devises and delivers solutions to enhance quality of service and to prevent future problems
  • Tracks and analyzes trends in incident reports and generates statistical reports
  • Researches, reports on and implements new solutions in the area of incident management
  • Develops an application security program and works with the development team to ensure the CIA of WGU software and services.
  • Continuously monitors network monitoring, Red Flag Rule, SIEM, SCCM and other alert logs for potential breaches.

  • Knowledge of NIST, HIPAA, GLBA, ISO, and Network/Infrastructure standards
  • Good written and oral communication skills with the ability to explain complex security problems to client groups
  • Hands-on technical implementation of information systems
  • Excellent analytical, problem solving, and decision making skills required
  • Solution-driven approach to problems
  • Ability to maintain strict confidentiality with regard to sensitive workplace issues
  • Bachelor’s Degree in related field
  • 5 years minimum experience in Information Security
  • Experience with SIEM and network monitoring tools

Preferred Qualifications

  • Master’s degree in related field
  • Industry security certifications (CISSP, CISA, CISM, or CRISC)


Confirmed 12 hours ago. Posted 30+ days ago.
