Manager - Security Operations • IT Security

It's fun to work in a company where people truly BELIEVE in what they're doing!

Job Description: 

Ingram Micro touches 80% of the technology you use every day with our focus on Technology Solutions, Cloud, and Commerce and Lifecycle Solutions. With $50 billion in revenue, we have become the world’s largest technology distributor with operations in 64 countries and more than 35,000 associates.

Requirements:

• Seven or more years of full-time professional experience in the Information Security field
• Experience working in a Security Operations Center (SOC), Managed Security Service (MSS), or inhouse SoC. Inhouse (SOC) is a plus
• Understanding of contemporary security architectures/devices such as firewalls, routers, switches, load balancers, remote access technologies, anti-malware, SIEM, and AV
• Strong time management and multitasking skills, attention to details and strong collaborative skills required
• Provide technical guidance to team members in the areas of Cyber Security
• Manage Individual and team performance to consistently meet performance standards
• Develop and Support Strategic plan and projects to meet Security Operations Center goals and Objectives.
• Experience in developing and tracking of Security Operations metrics
• Should have experience in creation of executive presentations
• Coaching and training experience
• Willing to work in shift pattern (4 teams with two 12-hour shift, shift pattern working and non-working hours 2 days on, 2 days off, 3 days on, 2 days off, 2 days on, 3 days off)
• Ability to provide on call support when needed.

*This is not a complete listing of the job duties. It’s a representation of the things you will be doing, and you may not perform all of these duties.

Qualifications:

• Queue management (Open, Track, and close Security Incidents)
• Familiarity with cyber security frameworks such as NIST CSF.
• Demonstrate use and understanding of security technologies such as Security Incident and Event Management (SIEM) & Endpoint Detection and Response (EDR)
• Demonstrated threat hunting experience SIEM and EDR solutions.
• Evaluate, respond, and mitigate alerts that originate from the SIEM and the Cybersecurity product suite, e.g. IDS/IPS, Anti-virus, Web Application Firewalls, NAC Solution, EDR etc
• Should have an understanding or working knowledge on Network Based Attacks / System Based Attacks, Denial of Service Attacks, HTTP Based DoS Attacks, Brute force attacks.
• Ability to identify common false positives and make suggestions on tuning.

Certifications & Knowledge

• One or more certifications preferred (GCIA, CISSP, CCSE, CISA, HBSS, NSA, CEH, Cisco Security, Security +, OSCP