Senior Manager – Information Security

Senior Manager – Information Security

Requirements

• Ability to lead and mentor a technical team with varying skill level
• Strong Security Architecture experience and knowledge of Security Best Practices and Industry Standards
• Experience with securing Windows, Mac, Linux, mobile devices
• Experience with securing IaaS (AWS, GCP, Azure, OCI), SaaS and working with environment owners on resolutions
• Technical understanding and experience with network security technology including IDS and IPS, and network traffic analysis
• Understanding of the TCP/IP protocol stack and application protocols such as HTTP, SNMP, SMTP, DNS, and DHCP
• Experience with security controls for WAN, LAN, WLAN, VPN, Zero Trust and Cloud architectures
• Hands-on experience and strong knowledge of most of the following technologies: Endpoint Malware Protection/EDR, IDS/IPS, SIEM, Email Security/DMARC, DNS Security, Web Security (Proxy, WAF, DDoS), CASB, DLP, Encryption, PAM, MDM, Posture Management tools (e.g. CNAPP, CSPM, SaaSPM)
• Ability to collaborate with other technical teams to reach a common goal
• BA/BS in Computer Science, Information Technology, SANS training or equivalent experience
• Ability to perform well, in an agile environment, with minimal supervision
• Self-motivated while demonstrating a passion for Cybersecurity
• Minimum 10+ years of experience in Information Security and 5+ years management experience

Responsibilities

• Collaborate with senior members of various groups across Tenable, including Executive Staff and the CEO
• Partner with CSO on special projects, presentations, etc. and proactively represent Security as needed – internally to Tenable and externally
• Be an active member of the Information Security Leadership team; Work with others on the Security Leadership team to ensure the broader team has strong connections with Tenable; Have an active presence in the office and be readily available to the team
• Outstanding written and verbal communication with demonstrated ability to communicate effectively with all levels of the organization; informal and formal presentations
• Coach, mentor and enable members of the team; Create a positive working environment; Provide project management and leadership support for the team
• Attract strong cyber technical talent and work with each team member to develop their full potential
• Provide off-hours support on an infrequent but as needed basis; including weekends and holidays based on operational tempo
• Recommend, evaluate and deploy security solutions and build associated security programs
• Identify opportunities to improve the quality and resiliency of cybersecurity systems and applications
• Create documentation and write/review Standard Operating Procedures and Security Policies
• Manage time and technical responsibilities, set accurate expectations and meet deadlines
• Perform Security Architecture reviews and provide Information Security guidance
• Contribute to governance, risk and compliance initiatives via audits, certification and attestations

Preferred Qualifications

• Knowledge of scripting (Python) is preferred but not required
• Knowledge of application security controls and concepts (e.g., SAST, DAST, SCA, etc.) is preferred but not required
• CISSP, GIAC certifications or other Infosec certifications are a plus