Director, Information Security Operations
Job Summary
The Director, Information Security Operations (SecOps) will manage a team of highly skilled Information Security professionals responsible for designing, implementing, and operating controls that safeguard BlackLine’s information resources. The Director will assess and identify business security needs, prioritize work streams, oversee projects, establish and manage operational budgets, priorities and resources, design and manage operational metrics, and prepare technical and executive security operations reports related to the Security Operations group of the Information Security function. This role encompasses operational security management, security operations center (SOC), vulnerability management, on-call operational support duties, as well as subject matter advisory and education responsibilities. The Director will closely influence and collaborate with Technology and Product teams to design, implement and operate technical security controls that protect the confidentiality, integrity and availability of information and systems. In addition, the role will work together with the Information Security Governance, Risk, and Compliance teams to manage security risks and operate the company’s information security management system. This technically inclined leadership role requires a motivated individual and experienced people manager who will take a comprehensive, business-aligned approach to managing technology and talent, liaise among departments, negotiate complex priorities and deadlines, and provide visibility into technical aspects of the company’s information security program.
Roles and Responsibilities
Information Security Operations program management
- Design, implement, and maintain InfoSec operational standards, policies, processes, and procedures.
- Design, implement, and maintain a Security Operations Center (SOC) to continuously monitor security incidents and vulnerabilities, analyze them, and provide remediation recommendations through effective alliance with various groups within the products and technology organization.
- Identify, manage, and communicate the portfolio of SecOps projects and align security initiatives with business objectives and risk tolerances.
- Influence and partner with product and technology teams to ensure that information security policies and standards are properly implemented.
- Actively participate and provide professional expertise to information security forums, communities, and industry-specific groups.
- Evangelize security-centric culture and promote security best practices within the organization.
- Lead/elevate security conversations and be the decision maker for operational security matters.
- Collaborate with key stakeholders (Enterprise Risk Management, Legal, HR) on information security risk management and related organizational governance processes.
Manage operational security capacity, strategy, tools, and processes
- Define, manage, and monitor infrastructure, cloud, and end-user security controls.
- Be an active influencer and participant in architecture and strategy discussions with internal stakeholders, partners, and customers.
- Research industry best practices, current trends, threats and vulnerabilities; recommend relevant changes to the company’s control environment.
- Collaborate with infrastructure teams to devise and implement effective solutions to maintain adequate infrastructure and cloud security posture.
Manage security operations technologies, processes, and resources
- Oversee vulnerability management, threat intelligence, security monitoring, incident management, and remediation activities.
- Work with technology operations teams to perform security risk assessments, intrusion testing, implementation and validation of hardening standards.
- Develop, manage and lead incident response and forensic investigation processes.
- Lead security conversations and be the escalation point for security incidents & investigations.
- Continuously evaluate security processes, tools, and operational capabilities, and adjust them in a timely manner to maintain effective and efficient operational security processes and tools.
- Design, manage, and communicate operational security metrics to the technical team, key business stakeholders, and executive audiences.
Required Qualifications
Years of Experience in Related Field: 10+
- CS, Engineering, or technical operations background with 10 years of experience in information security including 7+ years of progressive management experience.
- 5+ years of cloud security management experience.
- Expertise with current InfoSec concepts, technologies, industry trends, methods and techniques, and operational processes.
- Mature metrics-driven and process-driven team leader, team builder, and team mentor.
- Proven track record of effectively managing core information security tools and processes (e.g., patch management, log management, malware management, network access control, threat and vulnerability management, web filtering, firewalls, proxies, APT, IDS, DLP, HIDS/NIDS, SOAP, SIEM, incident response, XDR, SOAR).
- Solid understanding of networking fundamentals and commonly used network protocols and services.
- Working knowledge of encryption algorithms and related technologies, TLS, PKI, encryption of databases and data at rest.
- Solid knowledge of common web application platforms, common vulnerabilities, and exploitation techniques.
- Strong understanding of SSDLC, OWASP, web application development, code auditing, manual and automated security testing methods, and penetration testing.
- Advanced written and verbal communication skills including the ability to visualize technical and security topics for non-technical audiences.
- Ability to evaluate situational risks, operate effectively under ambiguous circumstances, and address confidential and potentially uncomfortable issues.
Preferred Qualifications
- Engineering or operations background with prior hands-on experience.
- Prior experience supporting 24x7 mission-critical technology environments.
- Multi-cloud control design and integration experience including cloud security and operational requirements.
- Familiarity with SaaS architecture, service design, and support models.