Role: IT Security Manager
Department: Information Security
Reports To: The CISO
Type: Full Time
The IT Security Manager will be responsible for developing & managing the global IT security function in the CISO office. He will own & drive the global rollout of a robust & formal approach to deliver the IT security programs & solutions across all technology platforms & business environments. At its core, he will ensure appropriate implementation & operation of IT security controls such as network security, threat & vulnerability management, penetration testing, asset management & protection, security architecture & cloud security, etc. based on the appropriate risk to technology & business environments. He will ensure that the risk to the organizations information posed by a variety of cyber threats is minimized, & when cyber-attacks occur or data are stolen or compromised, these incidents are dealt with promptly & effectively & the chance of that particular type of incident recurring is minimized.
In order to be successful in this role, the candidate must:
- Develop security solutions & services including defining goals, metrics, roles, responsibilities, process, & technology to support the information security program.
- Identify & implement technology or process improvements that mature our security services.
- Interact with peer teams to develop & enhance the security program will be critical to success.
- Provide consulting to peer teams with security standards & best practices.
- Lead large complex initiatives & challenges around IT Security.
- Work directly in building & integrating security tooling & features cross organization to ensure secure products systems.
- Participating in design reviews, code reviews, & threat modeling.
- Have experience with cloud providers & security/configuration management (e.g. GCP).
- Know the importance of architecting & building systems for High-availability, Business Continuity & Disaster Recovery.
- Have a strong technical background.
- Work autonomously with minimal direction & oversight.
Primary Job Responsibilities
- Research the latest information technology security trends.
- Monitor the organizations networks & infrastructure for security vulnerabilities & lead the mitigation plans.
- Help to design, implement, & maintain the organizations cyber-security plan.
- Direct implementation of security controls according to standards & best practices for the organization.
- Direct the installation & use of security tools to protect sensitive information.
- Recommend security enhancements to IT Management.
- Ensure that IT security audits are conducted periodically or as needed.
- Manage information security risks by routine assessments & developing a vulnerability & patch management plan & implementing the required controls.
- Produce scheduled reports of the status of ITs compliance with DoubleVerifys information security program, contractual requirements & globally-recognized standards & guidelines
- Lead all information security implementation projects & provide hands-on support.
- Work with the incident response team to contain & investigate security events, & prevent future information security breaches with detailed root cause analysis.
- Develop & maintain technology, operations roadmaps for security infrastructure components, including but not limited to intrusion prevention/detection, data security, identity & access management, IT/network security, security information & event management, vulnerability management, code review, etc.
- 10+ years experience in information technology; 5+ in leading an IT Security team.
- 5+ years of experience working with information security controls & deployments in a production environment.
- Experience in network & infrastructure security.
- Experience in security or network architecture/engineering role including designing & deploying security solutions.
- Strong analytical skills & cross functional knowledge across multiple security disciplines.
- Working experience with cloud providers, such as Google Cloud. Experience with securing cloud environments.
- Strong working experience with systems automation in a major scripting language (Perl, Python, Powershell).
- Solid project/program management experience.
- Creative thinker that leverages unconventional & innovative ideas to solve problems.
- Strong interpersonal, verbal presentation & written communication skills.
- Must possess a high degree of integrity, be trustworthy, & have the ability to work independently.
- Detailed understanding of security products.
- Strong hands-on experience in implementing & operating security solutions.
- Deep understanding of IT infrastructure & systems
- Education Bachelors degree in computer science or related area.
- Industry recognized certification in security (e.g., CISSP, CISA, CISM, CEH, etc.)
- Deep understanding of the online advertising industry & ad platforms (networks, DSPs, ATDs, SSPs, Exchanges).