AddressFull job description
OPENTEXT - THE INFORMATION COMPANY
As the Information Company, our mission at OpenText is to create software solutions and deliver services that redefine the future of digital. Be part of a winning team that leads the way in Enterprise Information Management.
Job Description – Manager, Security (Security Operation Center)
ENABLING THE DIGITAL WORLD
OpenText enables the digital world by simplifying, transforming, and accelerating enterprise information needs, on premises or in the cloud. We embrace all things digital and are committed to being the Best Place to Work for our Employees in over 140 locations around the world.
We obsess over our customers to ensure they are wildly successful in embracing the Digital World. Our customers entrust us with their most important information, we need to be their most trusted partner. What we do, we do well. What we create, we do purposefully to impact the world. If you believe in this and are passionate about enabling the Digital World, then let OpenText turn your career vision into reality.
The Opportunity:
The Manager, Security Operation Center is a member of the Information Protection Center team reporting to the Sr. Manager, Information Security. This position works across Corporate and Production teams to ensure the successful implementation of security tools, services, and technology. The Security operations center manager provides oversight and management of the SOC including security operations management and security incident response, incident detection and analysis, containment, and eradication of cybersecurity incidents. This position will manage resources, priorities, and internal projects, and manage the team directly when responding to business-critical security incidents. The organization’s point of contact for security incidents, compliance, and other security-related issues. This role also expects the Security Manager to be hands on, monitoring SIEM alerts, manages, and configures security monitoring tools. Prioritizes and triages alerts or issues to determine whether real security incident is taking place. Receives incidents and performs deep analysis; correlates with threat intelligence to identify the threat actor, nature of the attack, and systems or data affected. Defines and executes on strategy for containment, remediation, and recovery.
This position will require to undergo a Security Screening with the Government of Canada’s Personnel Security Screening Division to be granted a Reliability Status (protected) clearance to work on government contracts to access Protected B information and assets.
You are great at:
Defining, managing, and implementing a comprehensive SOC service
Be a leader in the expansion and growth of the SOC
Lead the response to significant Security incidents, ensuring the SOC teams effective response
Collaborate with client technical teams for issue resolution and mitigation
Organizing and prioritizing assessments of security controls and services to ensure accurate coverage reporting and identification of coverage gaps
Review personnel resources daily to assess workload and quality of work
Coordinate with Incident Response, Threat Intelligence and Threat Hunting teams to create post-incident feedback loop to educate SOC analysts and enhance detection capability
Implementing tools and processes to automate and visualize security metrics, reporting, and dashboards for varying audiences
Develop and maintain Standard Operating Procedures for security analyst roles and responsibilities
Interfacing with internal audit and compliance teams to produce required security artifacts
Overseeing technical coordination/project management for security initiatives, projects, and integration of security tools and services
Coordinating risk assessments for requested deviation to security policy/controls
Security monitoring, managing security cases & tickets, security incident analysis, and other security tasks.
Analyzing a variety of security logs to identify actionable events (SIEM reports-alerts-tickets, system, network, security monitoring tools)
Responding to incidents varying from endpoint to server systems
Conducting security reviews, risk analysis, and controls reviews in adherence to security policy
Researching security advisories, e.g., CERT, and delivering appropriate course of action
Creating documentation to ensure all team members can perform required tasks
Creating meaningful and detailed metrics based on security events or activities
Collecting evidence and artifacts to meet compliance requirements (ISO, SOX, HIPAA, SOC, etc.)
Optimizing day-to-day shift resources and needs
Ensuring appropriate staffing and coverage for assigned shifts
Managing and communicating up effectively to leadership regarding staffing needs, events that occurred, etc
Skills and Attributes
Creating and refining metrics to articulate and measure SOC performance.
Knowledge and experience managing a SOC
Experience in a delivery, operational or security program management role and previous experience in a leadership or supervisory role
Demonstrated experience generating metrics to measure service and program effectiveness
Understanding of compliance frameworks, like PCI, ISO 27001, NIST, etc.
Excellent analytical skills, troubleshooting and problem solving
Must be able to work in a fast paced and changing environment while handling multiple tasks, priorities, and directives. Capable of working under pressure.
Excellent English writing and verbal communication skills
Education & Experience
BS in Computer Science, Cyber Security, or Information Security preferred
7+ years of information security experience
4+ years of experience working in a Security Operations Center
3+ years of experience managing a Security Operations Center
Experience and knowledge with Protected B classification preferred
Canadian government Reliability Status (protected) clearance preferred
CISSP, CISA, CISM, or other industry certifications preferred
Work Location
The preferred location for the position is in Canada, Waterloo ON, Mississauga ON, Richmond Hill ON, Montreal QC
OpenText's efforts to build an inclusive work environment go beyond simply complying with applicable laws. Our Employment Equity and Diversity Policy provides direction on maintaining a working environment that is inclusive of everyone, regardless of culture, national origin, race, color, gender, gender identification, sexual orientation, family status, age, veteran status, disability, religion, or other basis protected by applicable laws. Should you require accommodations during the selection process, please contact accommodationrequests@opentext.com.
As the Information Company, our mission at OpenText is to create software solutions and deliver services that redefine the future of digital. Be part of a winning team that leads the way in Enterprise Information Management.
Job Description – Manager, Security (Security Operation Center)
ENABLING THE DIGITAL WORLD
OpenText enables the digital world by simplifying, transforming, and accelerating enterprise information needs, on premises or in the cloud. We embrace all things digital and are committed to being the Best Place to Work for our Employees in over 140 locations around the world.
We obsess over our customers to ensure they are wildly successful in embracing the Digital World. Our customers entrust us with their most important information, we need to be their most trusted partner. What we do, we do well. What we create, we do purposefully to impact the world. If you believe in this and are passionate about enabling the Digital World, then let OpenText turn your career vision into reality.
The Opportunity:
The Manager, Security Operation Center is a member of the Information Protection Center team reporting to the Sr. Manager, Information Security. This position works across Corporate and Production teams to ensure the successful implementation of security tools, services, and technology. The Security operations center manager provides oversight and management of the SOC including security operations management and security incident response, incident detection and analysis, containment, and eradication of cybersecurity incidents. This position will manage resources, priorities, and internal projects, and manage the team directly when responding to business-critical security incidents. The organization’s point of contact for security incidents, compliance, and other security-related issues. This role also expects the Security Manager to be hands on, monitoring SIEM alerts, manages, and configures security monitoring tools. Prioritizes and triages alerts or issues to determine whether real security incident is taking place. Receives incidents and performs deep analysis; correlates with threat intelligence to identify the threat actor, nature of the attack, and systems or data affected. Defines and executes on strategy for containment, remediation, and recovery.
This position will require to undergo a Security Screening with the Government of Canada’s Personnel Security Screening Division to be granted a Reliability Status (protected) clearance to work on government contracts to access Protected B information and assets.
You are great at:
Defining, managing, and implementing a comprehensive SOC service
Be a leader in the expansion and growth of the SOC
Lead the response to significant Security incidents, ensuring the SOC teams effective response
Collaborate with client technical teams for issue resolution and mitigation
Organizing and prioritizing assessments of security controls and services to ensure accurate coverage reporting and identification of coverage gaps
Review personnel resources daily to assess workload and quality of work
Coordinate with Incident Response, Threat Intelligence and Threat Hunting teams to create post-incident feedback loop to educate SOC analysts and enhance detection capability
Implementing tools and processes to automate and visualize security metrics, reporting, and dashboards for varying audiences
Develop and maintain Standard Operating Procedures for security analyst roles and responsibilities
Interfacing with internal audit and compliance teams to produce required security artifacts
Overseeing technical coordination/project management for security initiatives, projects, and integration of security tools and services
Coordinating risk assessments for requested deviation to security policy/controls
Security monitoring, managing security cases & tickets, security incident analysis, and other security tasks.
Analyzing a variety of security logs to identify actionable events (SIEM reports-alerts-tickets, system, network, security monitoring tools)
Responding to incidents varying from endpoint to server systems
Conducting security reviews, risk analysis, and controls reviews in adherence to security policy
Researching security advisories, e.g., CERT, and delivering appropriate course of action
Creating documentation to ensure all team members can perform required tasks
Creating meaningful and detailed metrics based on security events or activities
Collecting evidence and artifacts to meet compliance requirements (ISO, SOX, HIPAA, SOC, etc.)
Optimizing day-to-day shift resources and needs
Ensuring appropriate staffing and coverage for assigned shifts
Managing and communicating up effectively to leadership regarding staffing needs, events that occurred, etc
Skills and Attributes
Creating and refining metrics to articulate and measure SOC performance.
Knowledge and experience managing a SOC
Experience in a delivery, operational or security program management role and previous experience in a leadership or supervisory role
Demonstrated experience generating metrics to measure service and program effectiveness
Understanding of compliance frameworks, like PCI, ISO 27001, NIST, etc.
Excellent analytical skills, troubleshooting and problem solving
Must be able to work in a fast paced and changing environment while handling multiple tasks, priorities, and directives. Capable of working under pressure.
Excellent English writing and verbal communication skills
Education & Experience
BS in Computer Science, Cyber Security, or Information Security preferred
7+ years of information security experience
4+ years of experience working in a Security Operations Center
3+ years of experience managing a Security Operations Center
Experience and knowledge with Protected B classification preferred
Canadian government Reliability Status (protected) clearance preferred
CISSP, CISA, CISM, or other industry certifications preferred
Work Location
The preferred location for the position is in Canada, Waterloo ON, Mississauga ON, Richmond Hill ON, Montreal QC
OpenText's efforts to build an inclusive work environment go beyond simply complying with applicable laws. Our Employment Equity and Diversity Policy provides direction on maintaining a working environment that is inclusive of everyone, regardless of culture, national origin, race, color, gender, gender identification, sexual orientation, family status, age, veteran status, disability, religion, or other basis protected by applicable laws. Should you require accommodations during the selection process, please contact accommodationrequests@opentext.com.
