Cyber Operations Manager

Job Description: • Lead 24x7 Threat Detection and Response Analysts providing operational and strategic planning • Work closely with customers on reporting, stewardship calls, and in the case of escalations • Enforce all policies and procedures, including those for security, disaster recovery, standards, and service provision • Drive continuous refinement and improvement of detection and response and incident response processes • Oversee the security of Client systems via Advanced Fusion Center (AFC) service • Keep current with the latest vendor updates, expansion opportunities, and technology directions • Collaborate and consult with other Managers on the overall advancement of the Security Operations organization and Optiv in general • Direct and drive process and documentation improvement • Manage staffing including recruitment, supervision, scheduling, development, evaluation, and disciplinary actions • Develop and maintain an educational environment where the knowledge and performance of the group are constantly advancing • Perform staff performance appraisals • Ensure timely reporting of security control gaps and vulnerabilities to the customer • Prepare reporting of metrics and trending of SLA & KPIs to the customer and client support staff • Stay abreast of evolving risks, new developments in the security industry, and industry best practices in risk management, threat analysis, and threat response techniques • Attend info security-related events and network with industry peers Requirements: • 12+ years professional IT and Information Security experience • 5+ years leading technical Threat Detection and Response teams • 5+ years professional experience in cyber operations centers • 3+ years professional experience in managed services • One or more certifications in Security/Networking including Security+, GSEC, GCIA, GCIH, CISSP, CISM, CISA, or other security-specific vendors/product certifications • Proven ability to make decisions and perform complex problem-solving activities under pressure • Advanced business acumen required • Sharp analytical abilities and the ability to make sound decisions quickly are required • Deep understanding of SIEM vendors, solutions, and architecture such as LogRhythm, QRadar, Splunk, Exabeam, etc. • Deep understanding of EDR vendors, solutions, and architecture such as Crowdstrike, Cylance, Carbon Black, Microsoft ATP • Deep understanding of regulatory compliance such as NIST, SOX, HIPPA, NERC CIP, PCI, etc. and their differentiators across global regions • Deep understanding of laws pertaining to cybersecurity and their differentiators across global regions • Understanding of Security Orchestration, Automation, and Response concepts • Experience working with ticketing and knowledge management systems such as Service Now • Experience with ITIL concepts and practices • Experience with security analytics platforms such as Kibana • Experience with reporting platforms such as DOMO and PowerBI Benefits: • Work/life balance • Professional training resources • Creative problem-solving and the ability to tackle unique, complex projects • Volunteer Opportunities • “Optiv Chips In” encourages employees to volunteer and engage with their teams and communities • The ability and technology necessary to productively work remotely/from home (where applicable) Apply tot his job