"Alerted.org

Job Description

The **Information Security Sr.** **Manager** plays a pivotal role in advancing DFA’s information security program capabilities. This role handles the complex and detailed technical work necessary to integrate various security and data protection technologies, control standards, and processes into a cohesive architecture that sufficiently mitigates security risk. Specifically, this position will design and lead the adoption of appropriate and reasonable security standards and controls for computer platforms, applications and networks based on the needs of DFA stakeholders, industry-recognized frameworks and practices, and regulatory security requirements.

As a direct report to the Director of Security Operations, this is a senior position where communication and alignment of efforts with other technical and business teams is necessary.

Job Duties and Responsibilities:

+ Provide leadership and strategic oversight for security engineers, including Vulnerability Management, Operational Technology Security, Endpoint Security, Email Security, Network Security, SIEM/Logging, and Security Architecture.

+ Develop and implement strategies to build a high-performing security operations engineering team by fostering professional growth, encouraging collaboration, and ensuring continuous skills development. This includes creating individualized development plans, mentoring team members, promoting cross-training opportunities, and cultivating a culture of accountability and innovation to meet evolving organizational security needs.

+ Support achievement of Information Security’s strategic objectives by ensuring policies, processes and standard controls are adopted and applied consistently across the organization.

+ Develop, track, and report actionable security and team performance metrics that measure operational effectiveness, risk reduction, and compliance. Ensure metrics provide clear insights into vulnerability management progress, incident response efficiency, tool utilization, and team productivity, enabling data-driven decisions and continuous improvement across security operations. Perform other miscellaneous duties as assigned.

+ Create and maintain high quality documentation for current and proposed security architecture, standards, procedures, and technical configurations.

+ Research, recommend and/or develop new or improved tools to enhance security services, information intelligence and analytics.

+ Continually stay informed on security and technology issues and emerging threats that could impact the business and communicate these issues within the security team and other appropriate audiences.

+ Function as a information security technical expert; provide advisory and consulting services to business and technical teams.

Requirements

Qualifications:

+ Bachelor’s degree in information security, computer science or other related field (work experience may be substituted for the required education on a year for year basis).

+ Minimum of 5 years of senior level information security and\or IT technical work experience.

+ At least one professional security certification (CISSP, SANS, CEH, or other relevant certification) is preferred.

+ Strong understanding of current information security threats, standard frameworks (e.g., NIST CSF, ISO27001\2)

+ Extensive experience with implementing and managing common security technologies including centralized log management, application and system vulnerability scanning, intrusion detection\prevention, antimalware, encryption, and authentication and access controls.

+ Expert understanding of security controls to protect both on-premises and cloud-based platforms.

+ Strong leadership ability with the capability to develop and guide security team members and work effectively with business stakeholders and technical staff.

+ Excellent written and verbal communication skills with the ability to effectively communicate complex concepts, policies, and procedures to individuals with a varying range of expertise, interests, and backgrounds.

+ Excellent problem solving and analytical skills with the ability to quickly isolate problems, collect data, establish facts, and draw valid conclusions.

+ High level of integrity and judgement concerning privacy and confidentiality issues

_Knowledge, Skills, and Abilities_

+ Strong understanding of and ability to apply recognized security frameworks (e.g., NIST) within a business environment.

+ Expertise in security incident response processes and best practices.

+ Proficiency with Microsoft operating systems across both workstation and server platforms.

+ Hands-on experience with Microsoft Azure services and cloud security principles.

+ Knowledge of project management tools and techniques

+ Knowledge of principles and practices of supervision, training, and personnel management

+ Skill in proficient computer usage

+ Skill in critical thinking, analysis, mathematical calculations, and statistical evaluations

+ Able to communicate clearly and effectively, both verbally and in writing

+ Able to apply technology solutions to business problems

+ Able to work with accuracy and attention to detail

+ Able to work in collaboration effectively and foster good teamwork

+ Able to present ideas using language that is relatable to business and end-users

+ Able to consider impact of actions and decisions on employees, coworkers, and customers

+ Able to multi-task and problem solve

+ Able to work independently and as part of a team

+ Able to prioritize and meet deadlines

+ Able to promote a team environment

+ Able to present to diverse audiences from front line team members to senior management

+ Able to perform task and duties without constant supervision

+ Able to read, write, and speak English

Additional desired skills, competencies and experience include:

+ Experience in the Dairy, Food and Beverage or Consumer Products Industry

+ Experience with managing external service providers.

+ Experience with Operation Technology devices in manufacturing

An Equal Opportunity Employer including Disabled/Veterans