Manager, Information Security Operations

Autonation is looking for an Information Security Operations Manager to be a hands-on technical resource and manage a security operations team. This role’s primary responsibilities include managing a security operations team triaging security alerts, supporting security tools, and providing hardening recommendations to improve AutoNation’s security posture. This work requires the manager to be able to manage people and work hands on with security tools, documenting processes, and collecting metrics.

Organizational Relationships:

The incumbent works with the Information Technology team, AutoNation Business units and 3^rd parties to promote and support and follow up on secure information process and technology.

Job Responsibilities include:

• Managing a team of technical contributors, responsible for the effective coordination and execution of day-to-day security operations activities including administering security tools and processes.
• Security Operations manages tuning recommendations and responding to security alerts and investigations.
• Oversees Cybersecurity Incident Response program and tasks.
• Manages the team within established budget, including the reallocation of funds based on shifting priorities.
• Provides the technical oversight and leadership necessary to accomplish work with necessary understanding and alignment with peer unit leaders.
• Coaches and guides team members.
• Manages 3^rd Party MSSP
• Provides input to financial and people resource plans for the area. Ensures resources are in place and operating effectively within the technical discipline.
• Develops work plans and priorities for the SecOps team based on objectives received.
• Makes hiring recommendations.
• Is responsible for all performance related activities, including performance reviews. Provides input to compensation decisions.
• Integrates internal and external resources to meet team and organizational needs.
• Identifies areas of risk and develops remediation strategies or escalates as necessary.
• Ensures that team members are aware of and aligned to AutoNation goals and objectives.
• Supporting and remediating security assessments.

 Team Responsibilities Include:

• End point security technologies administration and maintenance.
• Network security tools.
• SIEM alerting, tuning and response. Analyze logs, identify, recommend, and improve current logging requirements and help oversee SIEM environment, logging and alerting.
• Cybersecurity investigations for both internal and external threats.
• Email Security investigations and response.
• Cryptographic key and digital certificate oversight.
• Participate in Cybersecurity Operations on call rotation with some after hours and weekend work required.
• Make recommendations to management on enhancements to existing and new security hardware, software or related tools. Assist in evaluating, planning, configuration, and implementation of new/existing security applications/tools.
• Perform risk analysis for corporate functional and technical areas relevant to data security.
• Configure, implement, monitor, and support security software/systems that will help ensure compliance with regulatory, industry, and corporate policies and procedures. This includes but is not limited to Intrusion Detection System/Intrusion Prevention System (IDS/IPS) (Host/Network/Wireless), secure file transfer, Data Loss Prevention (DLP), full disk encryption, firewall rule assessments, log management/correlation, secure password storage/retrieval, application whitelisting, vulnerability management, threat hunting, etc.
• Identify security threats and provide recommendations and remediation steps.
• Support security assessments and remediation.

Experience

• 3-5 years in a Security Operations role.
• People management preferred.
• Experience investigating and identifying threats.
• Experience working with forensics tools and developing processes.
• Experience administering and managing end point security and network security tools.
• Creating and maintaining runbooks, policies, and procedures.
• Cloud security knowledge a plus.

Qualifications:

• BS. Degree required in Computer Science, Information Technology, or related field of study; or any equivalent combination of relevant background, skills and experience.
• 3-5 year’s relevant experience in Information Security in medium to large organizations.
• One or more security certifications such as CFCE, CCE, CSFA, CISSP, CISA, SANS GIAC, or relevant security certification(s) required. Additional technology certifications such as MCSE, CCNA/CCNP, PMP, etc. preferred.
• Strong analytical, prioritizing, interpersonal, problem-solving, and presentation, project management (from conception to completion) and planning skills
• Strong verbal and written communication skills.
• Strong negotiation/mediation skills.
• Ability to work with and influence senior management.
• Ability to work in a fast-paced and deadline-oriented environment.
• Self-motivated with critical attention to detail, deadlines and reporting.

Next Possible Position: Senior Information Security Operations Manager

Physical Requirements:

• Extended working hours may be required as dictated by management and business needs.
• Ability to travel (25%) to multiple facilities as business needs dictate.
• May be required to lift, push, or pull materials weighing up to twenty (20) pounds.
• May be required to sit and review information on a computer screen for long periods of time.
• May require repetitive motions of the hands and wrist related to writing and typing at an electronic keyboard.

The intent of this job description is to provide a representative summary of the major duties and responsibilities performed by incumbents of this job. Incumbents may be requested to perform job related tasks other than those specifically presented.

keywords: Cybersecurity Incident Response program, Information Security manager, CFCE, CCE, CSFA, CISSP, CISA, SANS GIAC, SIEM, Fort Lauderdale, Miami, South Florida

Company Overview