Security Operations Manager

Executive Overview:Anomali, founded in 2013, is the recognized leader in intelligence-driven cybersecurity. More than 1,500 public and private sector organizations rely on Anomali to see and detect threats more quickly, reduce the risk of security breaches, and improve security operations productivity. Anomali solutions serve customers around the world in nearly every major industry vertical, including many of the Global 2000. As an early threat intelligence innovator, Anomali was founded in 2013 and is backed by leading venture firms including GV, Paladin Capital Group, In-Q-Tel, Institutional Venture Partners, and General Catalyst. Learn more at www.anomali.com.   Quite simply our sole mission is to help make enterprises more secure and maximize the return on their security investments.  Anomali helps organizations find and respond to cyber threats. We bring to your security and threat intelligence teams the one thing that's been missing - external context. With Anomali you can now identify suspicious or malicious traffic before it even reaches your network. We turn threat intelligence into your cyber no-fly list, and seamlessly integrate this with your existing internal security and IT systems. 

OverviewThe Security Operations Manager will be responsible for driving the identification, implementation, and daily operation of all security processes and programs needed to ensure the safety and security of Anomali’s corporate/on-prem and AWS cloud environments. The desired candidate should be a hands-on individual and will have experience for a wide range of security tools and technologies, using a variety of security frameworks, implemented across multiple security domains and proven experience building and training a team.
ResponsibilitiesMonitor, review and improve the security posture of endpoint devices, network infrastructure and the cloud environmentManage security tools, monitor the organization infrastructure and respond to security alertsAssist with defining enterprise-wide IT Security policies, procedures and compliance requirements based on industry best practicesIdentify risks and propose remediation strategiesProvide guidance and support to other internal teams requesting security services
QualificationsRequired Skills / ExperienceBachelor's Degree in cybersecurity, computer science, engineering or equivalent experience6+ years in security operations, security architecture, security engineering, or as a incident responderStrong knowledge of the major modern operating systems (Windows 10, Mac OSX, Ubuntu and CentOS), their built-in security capabilities and hardening optionsKnowledge of network security, protocols and tools like routing, switching, TCP, DNS, DHCP, HTTP, TLS, Wireshark, tcpdump or nmapAWS Networking and Security concepts (Security Groups, VPCs, ACLs, CloudTrail, CloudWatch, Config)Experience with EDR solutions (CrowdStrike, Carbon Black, etc.)Hands on security experience with Cloud providers, such as AWSIn depth knowledge of Splunk administration and security analystExperience with several of the following technologies: Security Operations, Intrusion Detection (Suricata/Zeek), Incident Response, Threat Intelligence, Threat Hunting, Log Management, Vulnerability Management (Tenable), DLP (Forcepoint, NetSkope), Identify Management (JumpCloud), Email Security (Mimecast), Firewalls (Palo Alto Networks), Network Access Control (ClearPass)Excellent written and oral communication skills
Bonus Skills/ExperienceCertifications, with bonus points for CISSP, CCSP, CCSK, AWS Security Specialty, or any SANs certificationsExperience with a scripting language (Python, Bash, PowerShell, etc.)In depth knowledge of AWS security services (Guard Duty, IAM, CloudWatch, CloudTrail, S3 bucket configurations and encryption, CloudHSM, Amazon Macie, etc.)Familiarity with compliance frameworks like FedRAMP, SOC2 and ISO27001Experience with penetration testing, bug bounty programs, and Burp Suite Benefits Medicalo Private Healthcare Plano Dental Plano Optical Plan Work-Life Balanceo Paid Public Holidayso Accrued Paid Time Off – 25 days
Equal Opportunities Monitoring It is our policy to ensure that all eligible persons have equal opportunity for employment and advancement on the basis of their ability, qualifications and aptitude. We select those suitable for appointment solely on the basis of merit without regard to an individual's disability, race, religion, sex, age or sexual orientation. Monitoring is carried out to ensure that our equal opportunity policy is effectively implemented. If you are interested in applying for employment with Anomali and need special assistance or accommodation to apply for a posted position, contact our Recruiting team at recruiting@anomali.com. We are happy to discuss reasonable adjustments.