Manager, Information Security

Dallas, TX

Applications have closed

Apex Fintech Solutions (AFS) powers innovation and the future of digital wealth management by processing millions of transactions daily, to simplify, automate, and facilitate access to financial markets for all. Our robust suite of fintech solutions enables us to support clients such as Stash, Betterment, SoFi, and WeBull, and more than 20 million of our clients' customers. 

Collectively, AFS creates an environment in which companies with the biggest ideas in fintech are empowered to change the world. We are based in Dallas, TX and also have offices in Austin, New York, Chicago, Los Angeles, Portland, and Belfast. 

If you are seeking a fast-paced and entrepreneurial environment where you'll have the opportunity to make an immediate impact, and you have the guts to change everything, this is the place for you. 

AFS has received a number of prestigious industry awards, including:

  • 2021, 2020, 2019, and 2018 Best Wealth Management Company - presented by Fintech Breakthrough Awards
  • 2021 Most Innovative Companies - presented by Fast Company
  • 2021 Best API & Best Trading Technology - presented by Global Fintech Awards

The Manager, Information Security is responsible for the day-to-day operations of the programs Cyber Operations (SOC, Cyber Threat Intelligence, Vulnerability Management, Cyber Incident Response, Penetration Testing, Email Security, and Insider threat) program. The position is responsible for the planning, design, and the support of the Cyber Operations functions and all its components. This individual will be responsible for managing the Cyber Operations program and for the 24/7 monitoring capabilities of the firm's environment. This role is also expected to be able to troubleshoot complex problems with little oversight, take ownership and work independently as needed to resolve customer issues.

Primary Responsibilities:

  • Responsible for the strategic direction and daily operations related to IT security operations
  • Provide 24/7 monitoring capabilities from the SOC
  • Develop full network visibility across the environment(s) to identify and flag anomalistic events
  • Develop and enhance real-time monitoring of security threats, detection, and proactive response of security incidents and intrusion – enterprise wide
  • Prepare for and predict attacks and activities targeted at organization's business and IT processes
  • Prioritize Cybersecurity Operations competing priorities.
  • Establish process to Identify and monitor all applications, systems, and assets on the network
  • Implement KPI/KRI metrics for continuous improvement as well as information regarding the overall security hygiene of the environment
  • Managing the event monitoring and triaging processes to detect and respond to events quickly and efficiently
  • Perform correlations to improve event tracking and incident detection processes
  • Enhance SOC with advanced skill sets such as SOC automation and orchestration to optimize SOC resource allocation
  • Establish Standard Operating Procedures for your L1, L2, and L3 Security Operation Center and provide 24/7 monitoring capabilities
  • Managing project planning, engagement administration, budget management, and successful completion of engagements
  • Serves as organizational point person for business-critical incidents
  • Manage recruitment, training, and development for security staff
  • Foster an innovative and inclusive team- oriented work environment and play an active role in counseling and mentoring team members
  • Monitor progress, manage risk and ensure key stakeholders are kept informed about progress and expected outcomes.

Qualifications :

  • Bachelor Degree in Computer Science, Mathematics, Engineering or other related area of study
  • 10+ years of overall IT professional experience or 3-4+ years of work experience leading Information Security teams
  • Ability to lead in a team-oriented environment that is multinational and cross organizational with a managed service component.
  • Knowledge of major cloud service providers (e.g., AWS, Azure, GCP) and associated technologies
  • Expertise in security measures such as network access controls, network segmentation, firewalls, and intrusion detection and prevention systems (IDS/IPS)
  • Deep knowledge of DNS security principles such as VPN, routing, authentication, DDOS mitigation technology, and proxy services
  • Experience and familiarization with a variety of information and network security monitoring tools (SIEM, EDR/XDR, IDS/IPS, firewall, WAF, among others)
  • Understanding of vulnerability management (VM) and application security (AppSec) management Preferred
  • One security- related certification such as the CISSP, CISA, CISM, GIAC or other relevant certification preferred
  • Project Management training/certification preferred
  • Proven experience in managing or leading a Security Operation Center/Team or MSSP is a plus.
  • Quality Management (ITIL, Six Sigma, TQM, etc.) training/certification preferred
  • Demonstrate and apply a thorough understanding of complex enterprise systems. 
  • Ability to demonstrate analytical expertise, close attention to detail, critical thinking, logic, and solution orientation and to learn and adapt quickly
  • Proven success in developing, implementing, sustaining, and enhancing enterprise information security and risk management programs.
  • Decision-making capabilities, with an ability to weigh the relative costs and benefits of potential actions and identify the most appropriate one

#LI-BS1

Apex currently requires all employees as a condition of employment to either be fully vaccinated for COVID-19 or submit to regular testing. The CDC defines "fully vaccinated" as two weeks after the second dose for Pfizer and Moderna, and two weeks after the single dose of Johnson & Johnson. Apex will also require proof of vaccination and/or testing. Apex will also consider requests for exemption from these requirements as a reasonable accommodation for medical reasons or sincerely held religious beliefs. *Please note this requirement is ONLY for US Offices. 

Tags: APIs Application security Automation AWS Azure CISA CISM CISSP Cloud Computer Science DDoS DNS EDR FinTech Firewalls GCP GIAC IDS Incident response Intrusion detection IPS ITIL Mathematics Monitoring Network security Pentesting Risk management SIEM SOC Threat intelligence VPN Vulnerability management

Perks/benefits: Career development Team events

Region: North America
Country: United States
Job stats:  5  1  0
Category: Leadership Jobs

More jobs like this

Explore more InfoSec / Cybersecurity career opportunities

Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.