- Trouvez votre carrière >
- Postes vacants >
- IT Cybersecurity Manager
IT Cybersecurity Manager
Informations générales
Description & Requirements
ANDERSEN CORPORATION SUMMARY
At Andersen, we pride ourselves on our core values of Excellence, Integrity, Innovation, Partnership and being a leader in Corporate Citizenship. Headquartered in Bayport, Minn., Andersen Corporation is the largest window and door manufacturer in North America. Newsweek recognized Andersen as one of “2023 America’s Greatest Workplaces.”
We’re focused on bringing more light into people’s lives by helping them create healthier, happier spaces to build memories and do what they love. This applies to our team, too. Andersen embraces our nine Employee Resource Networks to celebrate our differences and to champion diversity. We are named as a Forbes “Best Employer for Diversity 2022.”
Earning the 2023 ENERGY STAR Partner of the Year—Sustained Excellence Award, Andersen is also committed to environmental health and sustainability. No matter your role, you’ll have the opportunity to make a difference at Andersen.
SUMMARY
As the IT Manager, you will have the opportunity to provide leadership, employee development and management, financial planning, and forecasting. You will also be responsible for defining and directing the overall security monitoring, cyber threat, and incident response capabilities within the security operations team and directing activities to achieve the mission and objectives of Enterprise Information Security
PRIMARY RESPONSIBILITIES
- Manages the department including interviewing, hiring, mentoring, and developing staff members on the security operations team
- Ensures continuous monitoring, alerting, escalation, investigation and response to suspicious events across our digital landscape
- Leads the development of response playbooks, research methods for indicators of compromise, continuous configuration, SIEM customization, and logging requirements for technical assets
- Maintains appropriate chain of custody in support of internal investigations, forensics, and eDiscovery
- Responsible for performance evaluations, coaching, skill and career development, policy administration, performance management and behavior of employees
- Manages the Security tooling ecosystem (i.e.. XDR, SIEM, etc.) including developing the roadmap, overseeing the deployment, integration, configuration, and enhancements to security solutions in accordance with industry-leading practices.
- Leads the response to events reported as possible information security incidents, validating, appropriately prioritizing, and owning the incident response process
- Provides coaching, constructive feedback, workload management and direction to staff to ensure achievement of department OKRs
- Proactively develop procedures, guidelines and standard operating procedures to ensure consistent and repeatable delivery of services
- Evaluates and report on trends of network and computer resource compromise to inform security posture enhancements
- Oversees defensive control enhancements intended to prevent and proactively manage cyber security intrusions
- Leads the monitoring of external information regarding emerging security threats and mitigations, including vulnerabilities, malware and patches
- Communicates audience appropriate and business informed security concerns/exposures to appropriate leadership
- Partner with other Security leaders to develop penetration testing plans against designated infrastructure and vendor applications
- Recommends tools, processes, and practices to improve security posture consistent with risk management practices and tolerance
- Ensures reasonable and effective controls exist to meet current and future security compliance requirements
- Develops and communicates internal standards regarding technical security controls, platform hardening, product requirements, and technical security exceptions
- Consults with Enterprise Information Security, Enterprise Architecture and Information Technology colleagues to continuously evaluate and implement security solutions in response to the evolving threat landscape
- Delivers after-action facilitation through retrospectives, driving continuous improvement, gap identification and remediation
- Provides education, guidance, and oversight for the development of appropriate standards, procedures, methodologies, and playbooks
- Leads tabletops and simulation exercises in support of security awareness initiatives and educational objectives
QUALIFICATIONS AND SKILLS
MUST HAVE QUALIFICATIONS
- BA/BS in Computer Science or equivalent experience in Cybersecurity
- Experience in Security Operations, Incident Response and Investigations, including proven hands-on technical management experience of security analysts
- Proven track record of successfully managing through ambiguity to measurable results
- Experience developing and delivering information on program status and security incidents to senior leadership
- Deep technical understanding of and experience with SIEM platforms, vulnerability scanning and management, incident response planning and execution, EDR, IDS/IPS, content filtering and penetration testing
- Experience recruiting, building, and leading technical teams, including performance management
- Experience analyzing, explaining, and countering attacker tactics, techniques and procedures
- Experience developing policies/procedures for security processes
- Ability to effectively lead Cyber discussions and initiatives communicating in an audience aware manner
- Demonstrated track record of effectively managing both internal and external stakeholders
- Bachelor’s Degree/Master's degree in Information Security
- Relevant cybersecurity certifications (CISSP, CSAM, CISM, etc.)
- Cloud Service Provider Certification (Azure Fundamentals, Azure Cloud, etc.)
- Previous experience in an agile (product-led operating model)
- Previous manufacturing in a complex matrix environment
- Previous experience automating security operations workflows
- Experience automating and integrating incident response workflows via orchestration and DevSecOps tools
- Knowledge of the NIST Cybersecurity Framework
“Be Orange. Be You” is how we express our belief that by embracing our differences and empowering you, we’ll be a stronger team able to accomplish what otherwise wouldn’t be possible. This Orange spirit has helped us become the #1 innovative window and door brand* and the one homeowners love the most.** It’s also why we’re committed to supporting you to approach each day with a bright outlook.
Benefits include, and are not limited to:
· Medical/Dental/Vision/Life Insurance
· Health Savings Account contributions
· Paid holidays plus PTO
· 401(k) plan & contributions
· Professional development and tuition reimbursement opportunities
· Charity contributions
· Nationwide career opportunities
We look forward to seeing how your unique skills, background and experiences will inspire our team and help us continue to be the leader we are today.
In 2024, Andersen has set a profit-sharing target of $4,000 per eligible employee, prorated as appropriate. Profit sharing will be paid out in quarterly installments to provide eligible employees with payments throughout the year, with payment amounts tied to quarterly operating profit performance.
Andersen is an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity or expression, pregnancy, age, disability, marital status, national origin, citizenship, genetic information, protected veteran status, or any other characteristic protected by law.
#LI-JL2