Job Description

WHAT YOU'LL DO

The Security Operations Manager is responsible for the execution of BCG Omnias product and cloud infrastructure security program in alignment with Information Security & Risk Management standards and best practices for Software as a Service (SaaS).

YOU'RE GOOD AT

Working with a myriad of product, engineering, and cloud infrastructure management teams to implement and manage security in a SaaS environment. The Security Operations Manager will:

* Understand business and cloud security requirements of engineering, product, and cloud infrastructure delivery teams.
* Work collaboratively with engineering, product, and cloud infrastructure teams to lead effective process improvements and improve overall security effectiveness.
* Lead and mature security of cloud infrastructure and operations.
* Serve as Lead technical systems security subject matter expert providing guidance and recommendations.
* Monitor security advisories that impact security, risk, and compliance requirements.
* Aiding the security management analysts in investigating, analysing and remediating vulnerabilities
* Review vulnerability assessment results, prioritize, and assist in remediation efforts.
* Support the implementation and management of operational security controls.
* Identifying and incorporating security capability requirements into security strategy.
* Support security incident response process, work with subject matter experts, recommend corrective actions, and respond to investigations requiring technical security analysis.
* Updates job knowledge by tracking and understanding emerging security practices and standards; participating in educational opportunities; reading professional publications; maintaining personal networks; participating in professional organizations.

YOU BRING (EXPERIENCE & QUALIFICATIONS)

* 5-8+ years in information security, compliance, audit and risk management.
* 5-8+ years in information technology environments including SaaS.
* Knowledge of Linux and Windows based system administration.
* End-to-end security including web, application, network, and database.
* Experience with security analytics and analysis, logging, and reporting.
* Managing identity access, threat, and vulnerability detection.
* Familiarity with audit, risk mitigation, and IT controls such as separation of duties.
* Security certification such as CISM or CISSP.
* Knowledge of industry standards and frameworks such as SOC2, ISO 27001, and CSA CCM

YOU'LL WORK WITH

You will work in a fast-paced, intellectually challenging, product-oriented environment. You will work with application developers, product managers and cloud infrastructure teams to provide security expertise and guidance. You will be a part of an enthusiastic and motivated team of security professionals in support of delivering software and data solutions to our clients.