Mgr, Security Operations

EBSCO Information Services (EIS) provides a complete and optimized research solution comprised of e-journals, e-books, and research databases - all combined with the most powerful discovery service to support the information needs and maximize the research experience of our end-users. Headquartered in Ipswich, MA, EIS employs more than 2,700 people worldwide, most now working hybrid or remotely. We are the leader in our field due to our cutting-edge technology, forward-thinking philosophy, and outstanding team. EIS is a company that will motivate you, inspire you, and allow you to grow. Our mission is to transform lives by providing relevant and reliable information when, where, and how people need it. We are looking for bright and creative individuals whose unique differences will allow us to achieve this inclusive mission around the world.

What You’ll Do (Primary Responsibilities):

· Implement, and maintain comprehensive security policies and procedures aligned with industry best practices and regulatory requirements.

· Collaborate with leadership to establish long-range security and compliance goals; define security strategies, metrics, reporting mechanisms, and program services; and create maturity models and a roadmap for continual program improvements that encompasses both on-premise and public cloud environments.

· Manage relationships with vendor partners, including our Managed Security Operations Center (MSOC), security tool providers, and penetration testing consultants.

· Oversee all security operations, including access control, intrusion detection, incident response, and security information event management.

· Manage and supervise a team of security personnel, providing training, mentorship, and performance feedback.

· Identify, prioritize, and manage the remediation of vulnerabilities across the organization's IT infrastructure and applications.

· Lead the incident response process, including:

     o Detecting and investigating security incidents.

     o Containing and mitigating the impact of incidents.

     o Eradicating the root cause of incidents.

     o Learning from incidents and implementing improvements to prevent future occurrences.

· Conduct regular security assessments and penetration testing to identify and mitigate potential security risks.

· Stay current on security threats and vulnerabilities and implement appropriate mitigation strategies.

· Collaborate with Corporate IT, risk management, development teams, and other departments to ensure a holistic approach to organizational security.

· Generate regular reports on security metrics, trends, and incident response activities to leadership.

Your Team:

The EIS Security Operations team is focused on keeping the organization's data and systems safe from cyberattacks, protecting over 8,000 diverse workloads across public and private cloud environments. We work closely with our managed security operations center, penetration testing, and security tool partners to constantly monitor for threats, investigate suspicious activity, and take action to stop attacks. We also collaborate with product development teams to identify and remediate vulnerabilities and provide security guidance and architectural support.

About You:

· Bachelor's degree in Information Security, Computer Science, or a related field. Master’s degree preferred.

· Minimum of 7 years of experience in a security operations, vulnerability management, and/or incident response role.

· 3+ years of leadership experience with a focus on security operations or vulnerability management.

· Possess one or more of the following security certifications: CISSP, CISA, CISM, and/or CompTIA Security+.

· Experience implementing security frameworks such as FedRAMP, ISO27001, NIST Cybersecurity Framework, CIS Controls, and SOC 2.

· Experience with security technologies and tools, including MDR, vulnerability scanners, intrusion detection systems, and incident response frameworks.

What sets you apart:

· Proven track record of effectively developing, implementing, and maintaining security policies and procedures.

· Demonstrated ability to lead and manage a team, including providing training and mentoring.

· Excellent communication, collaboration, and problem-solving skills.

· Strong analytical and critical thinking skills.

· Ability to work independently and as part of a team in a fast-paced environment.

· Experience implementing security controls in traditional data centers and public cloud environments (AWS preferred).

· Experience implementing controls in DevOps/automated (CI/CD) environments.

Our Offer to You:

Target Annual Compensation Range: $141,230 - $201,760

This Pay Target range includes a typical sales commission. The actual salary offer will carefully consider a wide range of factors including your skills, qualifications, education, training, and experience, as well as the position’s work location.

EBSCO provides a generous benefits program including

· Medical, Dental, Vision, Life and Disability Insurance and Flexible spending accounts

· Retirement Savings Plan

· Paid Parental Leave

· Holidays and Paid Time Off (PTO)

· Mentoring program

· And much more! Check it out here: https://www.ebsco.com/about/benefits

We are an equal opportunity employer and comply with all applicable federal, state, and local fair employment practices laws. We strictly prohibit and do not tolerate discrimination against employees, applicants, or any other covered persons because of race, color, sex, pregnancy status, age, national origin or ancestry, ethnicity, religion, creed, sexual orientation, gender identity, status as a veteran, and basis of disability or any other federal, state or local protected class. This policy applies to all terms and conditions of employment, including, but not limited to, hiring, training, promotion, discipline, compensation, benefits, and termination of employment.

We comply with the Americans with Disabilities Act (ADA), as amended by the ADA Amendments Act, and all applicable state or local law.