Sr. Manager, Security Operations and Incident Response

Join us as a Senior Manager, Security Operations and Incident Response.  This will be a US Remote position.

Boomi is seeking a Senior Manager, Security Operations and Incident Response to join its Information Security Group. This position will be a vital leader of the Threat Response team, leading the Cyber Security Incident Response Team activities and capabilities development with the support of SOC analysts and incident responders globally using a wide variety of tools. As the CSIRT leader, the candidate will be responsible for maturing and maintaining a global program that aligns with leading industry standards, advice, and direction. This involves operating and continually improving existing CSIRT processes, as well as the development of new processes in response to evolving threats and business requirements.

What you’ll do

Provide management oversight to the Cybersecurity operations and engineering team including near and offshore resources

• Day to day leadership of security incidents and associated SLAs as needed
• Provides oversight of communications and escalations as necessary to lead events identified by Boomi's security tools
• Responsible for the coordination and support through Cybersecurity incidents
• Responsible for building and maintaining a high performing team
• Responsible for the overall execution of the plans and procedures related to the Incident Response, Forensics, and Investigation functions
• Manage the relationship with third-party vendors providing services to support Boomi's cyber program
• Oversee reporting that will provide analytics and metrics to Cybersecurity leadership
• Tightly collaborate with Ciso, cyber leadership and Boomi key stakeholders
• Must be competent to work at a high technical level of forensic and investigations in IT environments, capable of identifying vectors of threats and incidents, work with others to assist the education of security events and implications, and develop documentation to support operations and the incident response process.

What you’ll need to succeed in this role 

• Experience working in Information Security practices within large enterprise environments. 
• Strong understanding of incident response processes, workflows, communications and reporting, escalations, and cross-department collaboration.
• Working knowledge and comprehension of common regulatory bodies and frameworks (FFIEC, SOX, GLBA, PCI-DSS, NYDFS, etc.)
• Recognized industry security certifications and credentials specific to cloud security and risk management (CISSP, CCSP, CISM, CRISC, CISA, GIAC/SANS, Cloud Security Alliance, AWS/Azure, etc.)
• Advanced demonstrated proficiency in deploying Infrastructure-as-a-Service, Platform-as-a-Service, Software-as-a-Service, and other on-demand cloud computing solutions. (Azure Blueprints, Azure Resource Management, PowerShell/Bash, and other DevOps/Infrastructure-as-Code tools.)
• Strong communication skills across business units while working in remote operations.
• Documentation and diagram experience using common SDLC or security tools (Visio, VisualParadigm, Microsoft Project, etc.)

Additional Experience Desired

• 8+ years of technical security experience with 5+ years of experience managing and leading a cyber incident response or security operations team with an enterprise organization.
• Bachelor’s degree in related field or equivalent experience
• Certifications: SANS GCIH, GSOC, GSOM, GCIA, GPEN, GMON, GCDA, GDAT or certifications relating to security operations or incident response preferred.

Location

US Remote

#LI-ES1