Threat Operations Manager

COMPANY OVERVIEW

ThreatLocker® is a global cybersecurity leader, providing enterprise-level cybersecurity tools for the Managed Services Provider (MSP) industry to improve the security of servers and endpoints. ThreatLocker’s combined Application Whitelisting, Ringfencing™, Storage Control and Privileged Access Management solutions are leading the cybersecurity market towards a more secure approach of blocking unknown application vulnerabilities.

POSITION OVERVIEW

The Threat Operations Manager will be responsible for investigation and responding to threat activity, spam content, malware and other cyber attacks on ThreatLocker and our partners networks.

JOB SCOPE

The ThreatOps Manager will be responsible for, but not limited to:

• Responsible for the ongoing testing of the firm's security vulnerabilities.
• Provide oversight and guidance over the firm's patch management program. 
• Lead technical discussion around security weaknesses identified by the team with various non-technical and technical parties.
• Develop an operational support plan for the sustained success of the program - including KPIs and KRIs, training and development of security analysts and identify process improvements.
• Collaborate with Internal IT and Infrastructure, Development and Support department to assess security weaknesses and provide prevention and detection recommendations for cyber threats.
• Define security evaluation procedures and controls.
• Represent the firm in industry wide cyber security test events

REQUIRED QUALIFICATIONS

• Minimum of 8 years experience in network security management 
• Expertise with security assessment methodology, vulnerability management, OWASP model, CVE ratings 
• Ability to read web and application server logs to determine potential breaches
• Scripting/coding experience to prepare attack code
• Experience with security attack simulation tools
• Experience working as an Incident Responder
• Ability to analyze endpoint, network, and application logs
• Experience tuning and/or configuring SIEM and vulnerability tools
• Knowledge of common Internet protocols and applications

WORKING CONDITIONS

The duties described below are representative of those encountered while performing the essential functions of this position. If necessary, reasonable accommodation may be requested and will be evaluated for its relationship to the essential functions that must be performed.

• Job will generally be performed in an office environment but may require travel to visit company offices and/or property locations.
• While performing duties of this job, would occasionally require to stand, walk, sit, reach with hands and arms, climb or balance, stoop or kneel, talk and hear, and use fingers and hands to feel objects and tools.
• Must occasionally lift and/or move up to 25 pounds.
• Specific vision abilities required include close vision, distance vision, depth perceptions, and the ability to adjust focus.