Manager Security Operations (Hybrid)
Atlanta, GA Atlanta, GA Full-time Full-time Estimated:
$120K - $151K a year Estimated:
$120K - $151K a year 11 days ago 11 days ago 11 days ago Are you interested in a unique opportunity to work on cutting-edge and innovative products of tomorrow, with a team of engineers with similar passion and open to creative thinking? Neptune Technology Group Inc.
is a technology company serving water utilities across North America.
Since 1892, we have continually focused on the evolving needs of water utilities - revenue optimization, operational efficiencies, and improved customer service.
With our portfolio of smart water meters, data collection systems, and software, we make data actionable for our customers - so they can remain focused on the business of water.
For additional information, please visit the company website at www.
neptunetg.
com.
Position
Summary:
As the Security Operations Manager, you will be responsible for ensuring the organization is effectively designing, developing, and implementing best practices across Neptune's Security Operations function, while leading, developing, and coaching a team of technical resources across different tracks.
You will engage with stakeholders across the enterprise on all aspects of security operations, alert/event/incident management, security engineering and architecture, asset management, vulnerability management, patching, application security & multiple engagements with third party vendors and strategic partners.
The position will work closely with Information Technology, Commercial Software, and IT Operations along with the business to ensure there is a consistent and common approach to implementation of security operations activities and protocols.
Responsibilities:
Alert & Event mgmt.
, Incident Response, Investigation, Forensics and Resolutions Lead a team of resources (both FTE's and contractors) to enforce and sustain 24x7x365 monitoring of Neptune's Infrastructure and assets.
Design and maintain an Alert and Incident escalation matrix and On-call schedule, to ensure the proper routing from the MSSP to internal NTG assets, to provide after hours support on security events and potential incidents.
Review and act on alerts, events, incidents, and escalations (L2-L3), based on telemetry and content generated by the SIEM/MSSP.
Perform Incident response with affected functions departments, provide guidance to remediate, contain and document (Post-Mortem and Learnings).
Facilitate Tabletop exercises in partnership with Architecture, GRC and other functions.
Partner with MSSP & ITOPs to ensure the health of Logging/telemetry sources and SIEM platform.
Continuous evaluation of Logging and Telemetry needs for the SOC function to drive improved quality on Alerting and incident management (Tuning).
Build Playbooks based on alerts and incident trending, to facilitate response from L1/MSSP for specific Alerting patterns.
Research and design new event and alert correlation based on Threat intelligence and Cybersecurity trends, in partnership with the MSSP Provider (Threat Hunting).
Perform forensic and investigations on affected assets to ensure proper conclusion and remediation of incidents.
Feed the Architecture and Engineering function with findings from Incidents to ensure controls are in place to avoid future breaches and remediate root cause.
Design and lead BlueTeam/Redteam/Purple Team exercises.
Assess, evaluate, and provide guidance on security engineering best practices for security and compliance tools.
Supervise Application security activities and embed findings on event, alert, telemetry, and remediation activities.
Asset & Vulnerability management Define and implement requirements, policy & standards for Asset Management (IT, Security, Application & Product assets).
Partner with Architects, IT & SW to define and select technologies to be used for Asset lifecycle and tracking.
Partner with ITOPS, Comm.
SW, EAD & Product mgmt.
to review, validate & maintain updated asset lists on its systems of records.
Report Asset compliance & security posture status on monthly/quarterly basis (IT/Security assets).
Facilitate quarterly reviews and validate (In partnership with GRC, Comm.
SW, EAD) NTG's Application inventories.
Perform continuous monitoring of Neptune's boundaries for detection and remediation of potential Rogue assets.
'Develop, review, and maintain the EVM & Patching policy and procedures in partnership with GRC & ITOps.
Ensure System patching configurations are aligned with Policies and Procedures (In partnership with ITOps).
Perform monthly, quarterly, and yearly analysis of current state of Vulnerability and patching across all systems/assets included in scope.
Own and facilitate monthly Vulnerability & Patching management Stakeholder reviews vulnerability and remediation reports.
Facilitate and perform Monthly Patching Management reviews with ITOPs, EAD and Comm.
SW (More stakeholders?).
Partner with ITOps to set up and maintain a monthly cadence to engage Asset owners (leaders across each function) on patching state and prioritization and high critical items.
Design, build and maintain vulnerability management frameworks and working structures for ongoing evaluation of Vulnerabilities and Patching state across NTG's assets.
Identify, prioritize and document (based on Monthly reports and trends) patching process Gaps, patching system misconfigurations and other issues that could potentially impact the effectiveness of the patching processes/procedures.
Ensure patching issues are being prioritized, remediated, and escalated (When necessary) with SLT & Stakeholders.
Security Architecture and System Engineering Build, document and maintain a thorough understanding of the organization's technology and IT systems.
Plans, research, and designs security architecture for IT systems and Infrastructure.
Facilitate & perform Security architecture reviews for modern technologies (HW & SW), to ensure solutions are being chosen and developed with Security by design in mind.
Provide guidance for Enterprise Architects, SW Developers and Operations teams, on Security Architecture best practices.
Reviews current system security measures and recommends enhancements.
Conducting regular system tests and ensuring continuous monitoring of NTG's infrastructure, for Security related systems.
Develops, reviews, and approves installation requirements for LANs, WANs, VPNs, firewalls, routers, and related network devices.
Establishes disaster recovery procedures, designs, and supports security breach drills (Tabletop exercises).
Responds to, and investigates, security incidents and provides thorough post-event analyses.
Determines security protocols by evaluating business strategies and requirements.
Updates job knowledge by tracking and understanding emerging security practices and standards, protocols, participating in educational opportunities, reading professional publications, and participating in professional organizations.
Researching and designing public key infrastructures, certification authorities, and digital signatures, and ensuring all personnel have IT access limited to their need and role in the organization (Zero trust & Least privilege concepts).
Education:
Typically requires a bachelor's degree (or international equivalent)
Experience:
7
years of relevant experience.
Preferred
Qualifications:
Bachelor of Science in Engineering (Electrical, Mechanical, or Computer) This role is located in Tallassee, AL.
or Duluth, GA.
Equal Opportunity Employer EEO/AA M/F/Vet Disability #HP1 Job Type:
Full-time
Benefits:
401(k) matching Dental insurance Employee assistance program Employee discount Flexible schedule Flexible spending account Health insurance Health savings account Life insurance Paid time off Professional development assistance Referral program Relocation assistance Tuition reimbursement Vision insurance Schedule:
Monday to Friday Ability to commute/relocate:
Atlanta, GA:
Reliably commute or planning to relocate before starting work (Required) Application Question(s):
Are you able to work onsite Tuesdays and Thursdays? Work Location:
On the road.
Estimated Salary: $20 to $28 per hour based on qualifications.
$120K - $151K a year Estimated:
$120K - $151K a year 11 days ago 11 days ago 11 days ago Are you interested in a unique opportunity to work on cutting-edge and innovative products of tomorrow, with a team of engineers with similar passion and open to creative thinking? Neptune Technology Group Inc.
is a technology company serving water utilities across North America.
Since 1892, we have continually focused on the evolving needs of water utilities - revenue optimization, operational efficiencies, and improved customer service.
With our portfolio of smart water meters, data collection systems, and software, we make data actionable for our customers - so they can remain focused on the business of water.
For additional information, please visit the company website at www.
neptunetg.
com.
Position
Summary:
As the Security Operations Manager, you will be responsible for ensuring the organization is effectively designing, developing, and implementing best practices across Neptune's Security Operations function, while leading, developing, and coaching a team of technical resources across different tracks.
You will engage with stakeholders across the enterprise on all aspects of security operations, alert/event/incident management, security engineering and architecture, asset management, vulnerability management, patching, application security & multiple engagements with third party vendors and strategic partners.
The position will work closely with Information Technology, Commercial Software, and IT Operations along with the business to ensure there is a consistent and common approach to implementation of security operations activities and protocols.
Responsibilities:
Alert & Event mgmt.
, Incident Response, Investigation, Forensics and Resolutions Lead a team of resources (both FTE's and contractors) to enforce and sustain 24x7x365 monitoring of Neptune's Infrastructure and assets.
Design and maintain an Alert and Incident escalation matrix and On-call schedule, to ensure the proper routing from the MSSP to internal NTG assets, to provide after hours support on security events and potential incidents.
Review and act on alerts, events, incidents, and escalations (L2-L3), based on telemetry and content generated by the SIEM/MSSP.
Perform Incident response with affected functions departments, provide guidance to remediate, contain and document (Post-Mortem and Learnings).
Facilitate Tabletop exercises in partnership with Architecture, GRC and other functions.
Partner with MSSP & ITOPs to ensure the health of Logging/telemetry sources and SIEM platform.
Continuous evaluation of Logging and Telemetry needs for the SOC function to drive improved quality on Alerting and incident management (Tuning).
Build Playbooks based on alerts and incident trending, to facilitate response from L1/MSSP for specific Alerting patterns.
Research and design new event and alert correlation based on Threat intelligence and Cybersecurity trends, in partnership with the MSSP Provider (Threat Hunting).
Perform forensic and investigations on affected assets to ensure proper conclusion and remediation of incidents.
Feed the Architecture and Engineering function with findings from Incidents to ensure controls are in place to avoid future breaches and remediate root cause.
Design and lead BlueTeam/Redteam/Purple Team exercises.
Assess, evaluate, and provide guidance on security engineering best practices for security and compliance tools.
Supervise Application security activities and embed findings on event, alert, telemetry, and remediation activities.
Asset & Vulnerability management Define and implement requirements, policy & standards for Asset Management (IT, Security, Application & Product assets).
Partner with Architects, IT & SW to define and select technologies to be used for Asset lifecycle and tracking.
Partner with ITOPS, Comm.
SW, EAD & Product mgmt.
to review, validate & maintain updated asset lists on its systems of records.
Report Asset compliance & security posture status on monthly/quarterly basis (IT/Security assets).
Facilitate quarterly reviews and validate (In partnership with GRC, Comm.
SW, EAD) NTG's Application inventories.
Perform continuous monitoring of Neptune's boundaries for detection and remediation of potential Rogue assets.
'Develop, review, and maintain the EVM & Patching policy and procedures in partnership with GRC & ITOps.
Ensure System patching configurations are aligned with Policies and Procedures (In partnership with ITOps).
Perform monthly, quarterly, and yearly analysis of current state of Vulnerability and patching across all systems/assets included in scope.
Own and facilitate monthly Vulnerability & Patching management Stakeholder reviews vulnerability and remediation reports.
Facilitate and perform Monthly Patching Management reviews with ITOPs, EAD and Comm.
SW (More stakeholders?).
Partner with ITOps to set up and maintain a monthly cadence to engage Asset owners (leaders across each function) on patching state and prioritization and high critical items.
Design, build and maintain vulnerability management frameworks and working structures for ongoing evaluation of Vulnerabilities and Patching state across NTG's assets.
Identify, prioritize and document (based on Monthly reports and trends) patching process Gaps, patching system misconfigurations and other issues that could potentially impact the effectiveness of the patching processes/procedures.
Ensure patching issues are being prioritized, remediated, and escalated (When necessary) with SLT & Stakeholders.
Security Architecture and System Engineering Build, document and maintain a thorough understanding of the organization's technology and IT systems.
Plans, research, and designs security architecture for IT systems and Infrastructure.
Facilitate & perform Security architecture reviews for modern technologies (HW & SW), to ensure solutions are being chosen and developed with Security by design in mind.
Provide guidance for Enterprise Architects, SW Developers and Operations teams, on Security Architecture best practices.
Reviews current system security measures and recommends enhancements.
Conducting regular system tests and ensuring continuous monitoring of NTG's infrastructure, for Security related systems.
Develops, reviews, and approves installation requirements for LANs, WANs, VPNs, firewalls, routers, and related network devices.
Establishes disaster recovery procedures, designs, and supports security breach drills (Tabletop exercises).
Responds to, and investigates, security incidents and provides thorough post-event analyses.
Determines security protocols by evaluating business strategies and requirements.
Updates job knowledge by tracking and understanding emerging security practices and standards, protocols, participating in educational opportunities, reading professional publications, and participating in professional organizations.
Researching and designing public key infrastructures, certification authorities, and digital signatures, and ensuring all personnel have IT access limited to their need and role in the organization (Zero trust & Least privilege concepts).
Education:
Typically requires a bachelor's degree (or international equivalent)
Experience:
7
years of relevant experience.
Preferred
Qualifications:
Bachelor of Science in Engineering (Electrical, Mechanical, or Computer) This role is located in Tallassee, AL.
or Duluth, GA.
Equal Opportunity Employer EEO/AA M/F/Vet Disability #HP1 Job Type:
Full-time
Benefits:
401(k) matching Dental insurance Employee assistance program Employee discount Flexible schedule Flexible spending account Health insurance Health savings account Life insurance Paid time off Professional development assistance Referral program Relocation assistance Tuition reimbursement Vision insurance Schedule:
Monday to Friday Ability to commute/relocate:
Atlanta, GA:
Reliably commute or planning to relocate before starting work (Required) Application Question(s):
Are you able to work onsite Tuesdays and Thursdays? Work Location:
On the road.
Estimated Salary: $20 to $28 per hour based on qualifications.
|
|
 | |
