Benson Industries, Inc. Security Operations and IT Continuity Manager - Chesterfield, MO in Chesterfield, Missouri
MiTek® USA Inc., a subsidiary of Berkshire Hathaway, Inc. is the world's leading supplier of state-of-the-art, engineered connector products, engineering services, and computer-driven machinery for the building component industry. We provide the industry's most advanced, most comprehensive, and most innovative software for design and manufacturing. Our products and services are backed up by a team of industry professionals who are dedicated to one goal – making our customers successful.
The Security Operations and IT Continuity Manager is a results-oriented, efficiency-focused role responsible for managing all operational aspects of IT security and IT continuity, including complying with all security and IT continuity requirements and ensuring compliance. This position manages the Security Operations and IT Continuity professionals who execute and support these activities, including but not limited to planning, administration, implementation, upgrade, and maintenance of such services. This role is also responsible for establishing the enterprise annual recurring IT Continuity services test schedule, managing services tests, and reporting on such activities. The Security Operations and IT Continuity Manager is responsible for Information Security operations and Incident Response (IR) activities for low and medium impact incidents. This role is responsible for daily security operations with regard to monitoring, maintenance, and ongoing operation of security infrastructure in order to ensure the confidentiality, integrity, and availability of Information Assets.
In addition, the Security Operations and IT Continuity Manager is responsible for detection and response to security incidents, leading the internal Incident Response Team (IRT), as well as coordinating internal and external IR activities related to low and medium impact incidents and escalating high impact or risk of high impact incidents for Incident Response management to the Information Security Manager. Review and evaluate work of purpose partners and prepare performance reports. Prepare activity and progress reports. Manage fiduciary responsibilities to ensure spending is in alignment with budgeted goals and objectives. Additional responsibilities will be assigned as deemed necessary and will include support requirements such as 24-hour on-call coverage for “pilot” applications or production support issues. Although travel is usually planned in advance, issues can arise which could warrant immediate travel to one or more satellite locations.
MiTek is an E-Verify and Drug and Tobacco-Free Workplace. We are an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability status, protected veteran status, or any other characteristic protected by law.
*Managerial/Leadership Essential Functions*
- Provide oversight and direction to purpose partners in accordance with the organization's culture, policies, and procedures to meet team, department, and company goals.
- Recruit, interview, select, hire, and employ an appropriate number of purpose partners with proper skills to accomplish team, department, and company goals.
- Coach, develop skills, and mentor purpose partners at all experience levels; including overseeing new purpose partner onboarding and providing career/development planning and opportunities.
- Set expectations for team members by defining the outcomes along with the steps to support accurate performance measurement and personal accountability.
- Empower purpose partners to take responsibility for their jobs and goals. Delegate responsibility and expect accountability; including a frequent, consistent, fair feedback process.
- Foster a spirit of teamwork and unity that: allows for differing points of view to be shared openly, encourages collaboration, cohesiveness, and supportiveness, and deals with conflicting ideas and perspectives in an expeditious and healthy manner.
- Lead purpose partners to meet the organization's expectations for productivity, quality, and goal accomplishment.
- Manage purpose partner work schedules including assignments, job rotation, training, vacations, and paid time off, telecommuting, cover for absenteeism, and overtime scheduling to meet team, department, and company goals.
- Manage the overall operational, budgetary, and financial responsibilities and activities of your area(s) of responsibility.
- Make business decisions that are financially responsible, accountable, justifiable, and defensible in accordance with organization policies and procedures.
- Establish and maintain relevant controls and feedback systems to monitor the operation of your area(s) of responsibility.
- Review performance data to monitor and measure productivity, goal achievement, and overall effectiveness to meet team, department, and company goals.
- Innovate, plan, evaluate, and improve the efficiency of business processes and procedures to enhance speed, quality, efficiency, and output.
- Design, deliver, and manage effective communications throughout all levels of the organization for your areas of responsibility and the purpose partners entrusted to your care.
- Collaborate with other IT functional leaders to set overall IT direction and deliver projects that span business areas in a cost-effective way that complies with enterprise standards and processes. Team up with peers and business leaders to manage an effective IT governance framework.
- Ensure purpose partners are adhering to organizational methodologies, company policies, and procedures.
- Consistently operate in a caring, humble, purposeful, transparent, mature manner; leading by example and modeling MiTek’s core values.
*Job Related Essential Functions*
- Leads and manages personnel in operational activities to ensure the confidentiality, integrity, and availability of information assets, in accordance with applicable regulatory guidance and requirements, along with industry best practices.
- Leads the day-to-day IT Security operational activities. This includes the end-point security suite, firewalls, IDS/IPS, threat detection, security information and event management (SIEM), vulnerability management, etc.
- Manage security issues impacting Business systems by identifying and mitigating IT security threats and vulnerabilities in an efficient and timely manner.
- Monitor and advise management of industry changes affecting information security, working proactively to help the organization understand and implement appropriate changes.
- Ensure compliance of Security Operations in accordance with all IT security policies, processes, and procedures.
- Manage the operation, administration, and maintenance of the Data Backup and Recovery process, procedures, and services, including regularly recurring IT Continuity Testing.
- Manage and execute the global Information Security Incident Response (IR) processes, procedures, and tools to support the enforcement of the company’s IR plan. Respond immediately to security-related incidents and provide a thorough post-event analysis.
- Manage a diverse team of security administrators, analysts, and IT professionals.
- Analyze information to evaluate the effectiveness of controls, determine the accuracy of reports, and monitor the efficiency and effective security of operations.
Education & Experience:
- Bachelor's or advanced degree related to Computer Technology/Management Information Systems/Programming/Development required.
- 7+ years’ experience performing IT security-related roles.
- 4+ years managing Security Operations in an enterprise environment required.
- Certification as an Information Security Manager (CISM), Global Information Assurance Certification (GIAC) Cyber Defense certification(s), or other equivalent security-related certification required.
- Experience with the administration and operation of multiple security platforms and defensive layers, including anti-malware, firewalls, intrusion detection/prevention systems, log correlation and management, operating systems, protocols, and incident response.
- Ability to learn additional programs as required. Knowledge of security best practices, including least privilege, defense in depth, attack vectors, etc.
- Knowledge of the principles, practices, and techniques used in the installation, maintenance, and support of hardware, software, applications, databases, virtualization, and peripherals found in enterprise networked environments in relation to their related security risks and vulnerabilities.
- Knowledge of networking topologies, equipment, protocols, transmission media, and network management practices in relation to their related security risks and vulnerabilities.
- Ability to demonstrate excellent decisive judgment and assess the potential business impact when researching a security event or incident.
- Familiarity with NIST Security Standards and Procedures (specifically 800-53 and 800-61), CIS 20 Critical Security Controls, and ITIL Framework and Change Management.
- In-depth experience in: Identity and Access Management, Network Security, Cloud Security, Data Security, Application Security, and Infrastructure OS Platform Security.
- Demonstrated success in leading, coaching, and developing all experience levels of talent.
- Candidate should possess exceptional communication skills and strong documentation and organization skills, be detail-oriented, and be self-motivated, with a demonstrated ability to be a strong problem solver and decision maker with the courage and conviction to follow through on decisions, mediate conflict, and drive change.
- Demonstrated presentation skills and credibility to win support and align the organization, along with a high level of intellectual curiosity and analytic skills.
- Strong commitment to company core values is required.
Tracking Code: P08653
Job Location: Chesterfield, Missouri, United States
Position Type: Full-Time/Regular