Manager, Information Security
Dallas, TX
Apex Fintech Solutions (AFS) powers innovation and the future of digital wealth management by processing millions of transactions daily, to simplify, automate, and facilitate access to financial markets for all. Our robust suite of fintech solutions enables us to support clients such as Stash, Betterment, SoFi, and WeBull, and more than 20 million of our clients' customers.
Collectively, AFS creates an environment in which companies with the biggest ideas in fintech are empowered to change the world. We are based in Dallas, TX and also have offices in Austin, New York, Chicago, Los Angeles, Portland, and Belfast.
If you are seeking a fast-paced and entrepreneurial environment where you'll have the opportunity to make an immediate impact, and you have the guts to change everything, this is the place for you.
AFS has received a number of prestigious industry awards, including:
- 2021, 2020, 2019, and 2018 Best Wealth Management Company - presented by Fintech Breakthrough Awards
- 2021 Most Innovative Companies - presented by Fast Company
- 2021 Best API & Best Trading Technology - presented by Global Fintech Awards
The Manager, Information Security is responsible for the day-to-day operations of the programs Cyber Operations (SOC, Cyber Threat Intelligence, Vulnerability Management, Cyber Incident Response, Penetration Testing, Email Security, and Insider threat) program. The position is responsible for the planning, design, and the support of the Cyber Operations functions and all its components. This individual will be responsible for managing the Cyber Operations program and for the 24/7 monitoring capabilities of the firm's environment. This role is also expected to be able to troubleshoot complex problems with little oversight, take ownership and work independently as needed to resolve customer issues.
Primary Responsibilities:
- Responsible for the strategic direction and daily operations related to IT security operations
- Provide 24/7 monitoring capabilities from the SOC
- Develop full network visibility across the environment(s) to identify and flag anomalistic events
- Develop and enhance real-time monitoring of security threats, detection, and proactive response of security incidents and intrusion – enterprise wide
- Prepare for and predict attacks and activities targeted at organization's business and IT processes
- Prioritize Cybersecurity Operations competing priorities.
- Establish process to Identify and monitor all applications, systems, and assets on the network
- Implement KPI/KRI metrics for continuous improvement as well as information regarding the overall security hygiene of the environment
- Managing the event monitoring and triaging processes to detect and respond to events quickly and efficiently
- Perform correlations to improve event tracking and incident detection processes
- Enhance SOC with advanced skill sets such as SOC automation and orchestration to optimize SOC resource allocation
- Establish Standard Operating Procedures for your L1, L2, and L3 Security Operation Center and provide 24/7 monitoring capabilities
- Managing project planning, engagement administration, budget management, and successful completion of engagements
- Serves as organizational point person for business-critical incidents
- Manage recruitment, training, and development for security staff
- Foster an innovative and inclusive team- oriented work environment and play an active role in counseling and mentoring team members
- Monitor progress, manage risk and ensure key stakeholders are kept informed about progress and expected outcomes.
Qualifications :
- Bachelor Degree in Computer Science, Mathematics, Engineering or other related area of study
- 10+ years of overall IT professional experience or 3-4+ years of work experience leading Information Security teams
- Ability to lead in a team-oriented environment that is multinational and cross organizational with a managed service component.
- Knowledge of major cloud service providers (e.g., AWS, Azure, GCP) and associated technologies
- Expertise in security measures such as network access controls, network segmentation, firewalls, and intrusion detection and prevention systems (IDS/IPS)
- Deep knowledge of DNS security principles such as VPN, routing, authentication, DDOS mitigation technology, and proxy services
- Experience and familiarization with a variety of information and network security monitoring tools (SIEM, EDR/XDR, IDS/IPS, firewall, WAF, among others)
- Understanding of vulnerability management (VM) and application security (AppSec) management Preferred
- One security- related certification such as the CISSP, CISA, CISM, GIAC or other relevant certification preferred
- Project Management training/certification preferred
- Proven experience in managing or leading a Security Operation Center/Team or MSSP is a plus.
- Quality Management (ITIL, Six Sigma, TQM, etc.) training/certification preferred
- Demonstrate and apply a thorough understanding of complex enterprise systems.
- Ability to demonstrate analytical expertise, close attention to detail, critical thinking, logic, and solution orientation and to learn and adapt quickly
- Proven success in developing, implementing, sustaining, and enhancing enterprise information security and risk management programs.
- Decision-making capabilities, with an ability to weigh the relative costs and benefits of potential actions and identify the most appropriate one
#LI-BS1
Apex currently requires all employees as a condition of employment to either be fully vaccinated for COVID-19 or submit to regular testing. The CDC defines "fully vaccinated" as two weeks after the second dose for Pfizer and Moderna, and two weeks after the single dose of Johnson & Johnson. Apex will also require proof of vaccination and/or testing. Apex will also consider requests for exemption from these requirements as a reasonable accommodation for medical reasons or sincerely held religious beliefs. *Please note this requirement is ONLY for US Offices.
Tags: APIs Application security Automation AWS Azure CISA CISM CISSP Cloud Computer Science DDoS DNS EDR FinTech Firewalls GCP GIAC IDS Incident response Intrusion detection IPS ITIL Mathematics Monitoring Network security Pentesting Risk management SIEM SOC Threat intelligence VPN Vulnerability management
Perks/benefits: Career development Team events
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Staff Security Engineer jobs
- Open Information Security Specialist jobs
- Open Senior Security Analyst jobs
- Open Security Operations Engineer jobs
- Open Cyber Security Architect jobs
- Open Senior Cyber Security Engineer jobs
- Open Product Security Engineer jobs
- Open Senior Information Security Analyst jobs
- Open Cyber Security Specialist jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Cybersecurity Analyst jobs
- Open Principal Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Cybersecurity Specialist jobs
- Open IT Security Analyst jobs
- Open Chief Information Security Officer jobs
- Open Security Researcher jobs
- Open Security Specialist jobs
- Open Senior Penetration Tester jobs
- Open Senior Security Architect jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open IT Security Engineer jobs
- Open Senior Cyber Security Specialist jobs
- Open Agile-related jobs
- Open ISO 27001-related jobs
- Open Application security-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open CISM-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open SaaS-related jobs
- Open Threat intelligence-related jobs
- Open CISA-related jobs
- Open Security assessment-related jobs
- Open DevOps-related jobs
- Open Java-related jobs
- Open Kubernetes-related jobs
- Open Security Clearance-related jobs
- Open EDR-related jobs
- Open Malware-related jobs
- Open IDS-related jobs
- Open APIs-related jobs
- Open CEH-related jobs
- Open CI/CD-related jobs