PURPOSE STATEMENT
The Manager, Security Operations, reports to the Director, IT and is responsible for leading, designing, documenting and maintaining security operations management, measurement and reporting activities as required for the successful establishment of Security and Privacy. This role will be required to maintain a strong knowledge of emerging security technologies and to provide input to the CIO and Executive Leadership Team. Business stakeholders will rely on this role regarding management and instruction of continuous improvement opportunities. Expertise in leading project teams and developing and managing projects is essential for success in this role.
ESSENTIAL FUNCTIONS/RESPONSIBILITIES
- Complies with all safety rules and cooperates in the fullest in the promotion of safety and safe work habits, to include the reporting of any unsafe conditions or acts. Maintains all EH&S training on a current basis.
- Complies with all applicable Argo and Hawaii Gas policies and procedures.
- Maintains assigned work area and equipment in a clean, orderly, and safe manner; performs housekeeping duties as required and/or instructed. Works in a safe and responsible manner.
- Manage applications related to cybersecurity including but not limited to Mimecast and Rapid7.
- Create programs designed to increase cybersecurity awareness within the company such as phishing campaigns and annual cybersecurity training programs.
- Manage the IT Change Management program in accordance with standard ITSM concepts.
- Prepare and deliver reports to management on the status of employee training and the health of the IT environment as they relate to cybersecurity.
- Recommend improvements to process and equipment to increase cybersecurity.
- Stay abreast of current cybersecurity threats both general and industry specific.
- Create and maintain relationships in the local community with organizations dedicated to cybersecurity.
- Manage investigations of cybersecurity incidents and coordinate external resources when required.
- Develop metrics for ongoing performance measurement and reporting.
- Participate as necessary in projects and operational evolutions to provide cybersecurity oversight and advice.
OTHER FUNCTIONS/RESPONSIBILITIES
- Performs all other related duties as instructed by supervisor/manager.
- May be required to participate in project planning and other high level tasks not directly related to the job description.
Required Education and/or Work Experience
- 4-year college degree in Computer Science or Information Systems Management and 2-3 years of demonstrated focus on cybersecurity functions.
Preferred Education and/or Work Experience
- 4-year college degree and 5-7 years of directly related experience.
Required Licensure, Certification, Registration or Designation
- CISSP or equivalent Cybersecurity certifications.
Preferred Licensure, Certification, Registration or Designation
- ITIL V3 or V4 certification.
Required Education and/or Work Experience
- 4-year college degree in Computer Science or Information Systems Management and 2-3 years of demonstrated focus on cybersecurity functions.
Preferred Education and/or Work Experience
- 4-year college degree and 5-7 years of directly related experience.
Required Licensure, Certification, Registration or Designation
- CISSP or equivalent Cybersecurity certifications.
Preferred Licensure, Certification, Registration or Designation
Communication/Competency/Skill Requirements
- Flexible and adaptable to changes within the position/department/company.
- Able to steward themselves in a professional and courteous manner to promote a harmonious working environment.
- Able to communicate professionally, courteously, and effectively utilizing standards means of communication within the workplace (i.e., verbal, written, e-mail, phone, text, etc.).
- Strong experience-based technical knowledge with scoping, designing and implementing of large scale, complex and multi-technology projects; including but not limited to Security Operations Center, Vulnerability Management and Penetration Testing, Firewall Rules Reviews, Mobile Device Management, EndPoint Hardening Controls, Secure Email Protection, Network Infrastructure, Network Access Controls (NAC), Web Filtering, DLP Controls, etc.
- Experience with security risk management, incident response, threat analysis, security auditing, security monitoring and other information security practices.
- Excellent written and oral communication skills with the ability to effectively communicate and collaborate with information technology professionals, senior management, auditors and vendors.
- Strong customer-interaction skills.
- Documentation and presentation skills, analytical and critical thinking skills, and the ability to identify needs and take initiative are key requirement of this role.
- Demonstrate a high level of personal integrity with the ability to professionally handle confidential matters, while exhibiting the appropriate level of judgment and decision making commensurate with the position and its responsibilities.
- Experience managing and motivating multiple direct reports (in remote locations a plus).
- Detailed oriented with ability to prioritize projects and deliverables.
- Must be able to multi-task, work independently and as part of a team, share workloads, and deal with sudden shifts in project priorities while under pressure.
- Experience with Microsoft, Linux and / or with other Unix-based operating systems is a plus.
- Telecommunications experience is a plus.
- PC Skills
- Effective written and verbal communication with peers, management, and c-suite level leadership
- Ability to present to executive audiences.