Global Information Security Operations Manager
Location
Ettlingen | Germany
Job description
Primary Purpose
The Global InfoSec Operations Manager provides overall management of people, functions, process, and technology capabilities within the Cybersecurity Operations organization. This role provides leadership and oversight for the activity within the:
- 24/7 Security Operations Center (SOC)
- Incident Response Team / Forensics
- Threat Intelligence Team
- Cybersecurity Governance Team
The Global InfoSec Operations Manager manages day-to-day Cybersecurity operations and assists in implementing new cybersecurity technologies and practices used by the Cybersecurity Operational teams using industry best practices and manages cyber risk to protect the company, customers, and employees. Works closely with other Cybersecurity functions, such as Vulnerability Management, Security Awareness and Cybersecurity Engineering. This role ensures all incidents are handled properly and according to best practices, policies, and regulatory requirements.
Will act as a Cybersecurity service owner, overseeing medium to large Cybersecurity software and technology vendor contracts and relationships, and managing the strategy, vision, and roadmap for the Cybersecurity services provided. Works with Contractors through the external vendor manager directly or their back-office support for any assigned work, to lead status meetings with the external vendor manager to review progress and quality of assigned work. Assists as needed with providing company protocols, scope of work, and contract adjustments where valid and approved by company.
Leads and manages Global cybersecurity operations team and/or the delivery of cybersecurity services. Meets customer expectations and/or Service Level Agreements for cybersecurity performance and execution. As a manager of cybersecurity teams, supervises technical track staff such as Cybersecurity Engineers and Analyst, Cybersecurity Domain Engineers and Leads, Cybersecurity Domain Architects, Cybersecurity Enterprise Architects, and others as assigned. Mentors and supports technical staff, drive technical skill development. Ensures that cybersecurity best practices are implemented and followed. Builds forward-looking cybersecurity capabilities for organization.
hat Kontextmenü
SUPERVISES: Global InfoSec Operations Team
Duties and Responsibilities
- Sets vision and roadmap for development of Cybersecurity Operational technical capabilities they are responsible for providing to enterprise. Manages enterprise cybersecurity technology needs, stakeholder relationships, and capability maturity. Collaborates with others to drive enterprise-wide adoption of cybersecurity capabilities under their leadership. Evaluates and prioritizes strategic opportunities to enable technology organization to deliver on business priorities. Proactively champions new opportunities for automation, innovation, and technical excellence within the cybersecurity organization, bringing thought leadership and deep technical expertise to drive adoption. Owns quarterly planning and roadmaps for cybersecurity capability. Manages cybersecurity technology needs across multiple businesses and groups.
- Manages executive relationships to maintain strategic direction and pipeline of work. Holds full accountability for success of designated function or department. Drives performance against measurable functional, operational, and strategic priorities. Prioritizes work based on stakeholder needs and objectives and ensures the deployment of people, process, and technology resources is aligned to Cybersecurity strategy. Provides technical leadership to manage planning, refinement, execution and review of critical initiatives.
- Leads oversight of timeliness and quality of vendor services and deliverables. Works in partnership with Supply Management support Business Review meetings, reviewing performance, quality and continuous improvement of service delivery. Assists as needed with providing company protocols, scope of work, and contract adjustments where valid and approved by company. Provides strategic direction to develop Service Level Agreements, technology standards and guidelines. Works through the external vendor manager to ensure high performance standards and success of critical technology programs through strong performance management and measurement. Assesses vendor capabilities, ensuring a clear understanding of platforms, strategies, roadmaps, and releases. Drives definition of enterprise strategy, platform, and capability roadmaps to deliver critical functionality to the Cybersecurity organization.
- Provides leadership to a large global team, providing direction, motivation, and strategic oversight. Owns all aspects of employee management for a large team, directing work and providing guidance. Responsible for all aspects of performance management, training, and development. May supervise team leads.
- Performs other duties as assigned by the Chief Information Security Officer.
Qualifications
Required Qualifications
- In-depth knowledge of modern security concepts such as common attack vectors, malware, security analytics and threat intelligence.
- Understanding of Cybersecurity Operations models and technologies (cloud, automation, orchestration, analytics, and risk-based approaches).
- Excellent understanding of major regulatory and industry standards such as NIST and MITRE ATT&ACK framework.
- Experience with Endpoint Detection & Response (EDR/XDR), automation (SOAR) and SIEM tools.
- Master’s Degree in Business Analytics, Cybersecurity, Computer Science, Information Systems, related field or equivalent training and/or experience.
- 7 years - Progressive experience in IT/Cybersecurity or closely related field. Experience working with IT financial and/or vendor management highly desired.
- Stakeholder Management - Ability to create and maintain strong relationships with stakeholders in order to drive outcomes and create alignment around a vision or course of action.
- Project Delivery - Proven ability executing projects in a collaborative, fast paced environment.
- Communication for Technical Leadership - Ability to communicate technical ideas and strategies effectively to non-technical audiences, including executive leadership, via multiple mediums (e.g., written communications, verbal communications, presentations, etc.).
- Cybersecurity Technology Trends - Demonstrates a strong understanding of emerging trends in the Cybersecurity technology landscape, including new technologies, processes, and ways of working. Able to determine the impact of technological advancement on the company's systems, applications, infrastructure, and practices.
- Vendor / Contract Management - Ability to build effective relationships with third party providers, suppliers, and partners.
- Financial Acumen - Strong financial acumen, including the ability to accurately report spending in the IT function and an understanding of both CapEx and OpEx budgets.
Preferred Qualifications
- Experience in agile methodologies, and agile project management techniques such as Lean Portfolio Management (LPM)
- Experience working with DevSecOps practices, including Continuous Integration / Continuous Delivery (CI/CD) pipelines.
- Experience working within the multinational organizations.
- Business Functional Knowledge - Knowledge and understanding of the business context, market and operational functions of the operating company, and the wider utilities industry.
- Service Design and Management - Manage the design of one (or more) information-based technology-enabled service through addressing requirements from Capacity Management, Information Security Management, Availability Management, Service Continuity Management, Supplier Management and Service Level Management).
Job tags
Salary