Manager, Security Operations

KUBRA


KUBRA is looking for a talented Manager, Security Operations to join our Information Security team!

As the Manager of Security Operations you will be the first line of defense by modeling and leading the security team efforts in preserving the confidentiality, integrity, and availability of all KUBRA systems and services. You will lead the cyber incident response function 24×7, provide leadership in managing firewalls and the unified threat management component of firewalls, provide guidance to business units with PCI DSS compliance and controls that can be implemented to maintain compliance, participate in maintaining 99.9+% availability of all client side production services, and manage and enhance the security processes and technologies to identify, deter, investigate, and remediate security events.



This is a hybrid role based out of our office in Mississauga, ON.
What you get to do everyday
Manage and enhance the vulnerability and penetration testing program, process and report accurate metrics that can help support teams to reduce the threat
Serve as an SME on threat intelligence and conduct research on emerging threats and identify and deploy solutions to prevent against such threats
Manage the SIEM platform and lead the efforts to fine tune it’s capabilities and enhance the scope of the platform
Provide leadership in managing the firewalls and the unified threat management components on the firewalls
Lead the security operations team to be the owner and manage the end point security process and technologies that includes Anti-Virus, Host based IPS, EDR and Advanced threat Protection features
Manage the operational components of application security e.g.

SAST, DAST and WAF technologies and processes
Manage the schedule and participate in on call duties by carrying Cell phone or Pager on rotating schedule and provide initial response within 15 minutes. Resolve or escalate after hour’s production issues within two hours. (24x7x365), as needed
Train KUBRA employees and contractors on security and privacy best practices
Contribute to maintaining and updating KUBRA’s security, privacy and crisis Management policies
Develop systems, software and skills to stay ahead of emerging threats.
Participate in security and IT regulation audits.

Examples include client audits/RFPs, SOX, SSAE18 and PCI
Participate in architecting security solutions for new product development and existing infrastructure of Kubra
Act as a liaison between Security and IT Operations
Guide the development and enhancement of the Privileged Access Management program
What kind of person should you be?
Previous experience managing in security operation center
Previous experience in an information security advisory role
Experience in Technology Risk Management processes
Prior experience as an Information security architect is a huge asset
Experience with Application security
Ability to work with little or no direct supervision
Can advise business on information security and privacy matters
Excellent computer skills including a high degree of proficiency in Microsoft Word, Excel, and PowerPoint
Ability to take initiative and work proactively under minimal supervision
Superior organizational skills with a meticulous attention to detail
Ability to prioritize and successfully complete tasks while working under pressure in a fast-paced environment
Solid multi-tasking skills with the ability to manage and balance large volumes of work
Strong analytical skills with the ability to exercise judgment when dealing with problems or issues that may arise
Team-player with strong interpersonal skills and a professional attitude capable of fostering strong working relationships with all levels of staff within the organization as well as external contacts
Ability to work with sensitive and confidential material
Strong communication skills, both written and verbal
Ability to plan, research topics and be creative
What skills do you need?
A minimum of 8 years’ experience in an IT security related position
5+ years of experience in Systems/Network Administration
5+ years of experience with Windows Clients/Servers
2 + years of Linux experience (ESX VMware -MS Virtual Servers, SAN)
4+ years of experience with Windows SQL and/or MySQL
Experience with Palo Alto and CISCO firewalls
Experience with Symantec endpoint protection agent
Experience with Firemon, Qradar, Nessus, Metaspolit, Fortify and Barracuda technologies
Familiar with backup tools/procedures: considered an asset
Worked in a PCI Level 1 environment
Knowledge of Canadian and US privacy laws

Certifications, preferred but not required:
PCI QSA/ISA (strongly preferred)
CISSP (preferred)
OSCP (preferred)
CISM (preferred)
CISA (preferred)
PMP (preferred)
CIPP (preferred)
TOGAF (preferred)
What can you expect from us?
Award-winning culture that fosters growth, diversity and inclusion for all
Paid day off for your birthday
Access to LinkedIn learning courses
Continued education with our education reimbursement program
Flexible schedules
Free unlimited access to our refreshment stations (fully stocked with tea, coffee and other beverages)
Two paid days for volunteer opportunities
Well-being days


#GTA2024%6253490% %%management%%

Source