Information Technology Security Manager

About the Role

As the Information Technology Security Manager (Incident Management) at Visionet Systems Inc., you will lead critical information gathering efforts during investigations into suspected and confirmed security incidents. This role is essential for protecting personal and confidential information. You will need to demonstrate deep proficiency in incident analysis, data gathering, and information synthesis across all facets of IT security management. Furthermore, you will be the primary interface with and responder to internal business unit IT representatives and stakeholders at all levels during emerging security incidents, whether real or simulated.

Key Responsibilities

• Primarily responsible for the rapid response to and effective recovery from emerging information security incidents, acting as the central point leading response efforts and ensuring decisive action to contain and remediate situations.
• Respond to cybersecurity incidents and perform thorough triage to accurately assess the severity of the incident and determine the most appropriate response strategy.
• Conduct open-source intelligence (OSINT) investigations to diligently identify and track malicious actors, along with their tactics, techniques, and procedures (TTPs).
• Actively participate in red team/blue team exercises to rigorously test and continuously improve Visionet Systems Inc.'s incident response capabilities.
• Collaborate effectively with other members of the cybersecurity team to develop, implement, and refine security controls and incident response procedures.
• Provide expert technical guidance and mentorship to junior incident responders, fostering their growth and skill development.

Required Skills and Experience

• 7+ years of overall experience in Information Technology.
• 3+ years of professional experience specifically in an information security function, including comprehensive analysis and application of information security risk management and privacy practices.
• 2+ years in a dedicated information security incident handling role.
• Strong understanding of network protocols and various security technologies, including firewalls, intrusion detection systems, and encryption.
• Demonstrated experience with open-source intelligence (OSINT) tools and techniques.
• Proven experience with both cloud and physical forensic investigations, including the ability to deliver clear and concise executive reports.
• In-depth knowledge of red team/blue team exercises and practical experience participating in such simulations.
• Advanced technical understanding of incident response frameworks and methodologies, with a keen focus on automation.
• Hands-on experience with Intel, SIEM, and SOAR platforms, such as ThreatConnect/MISP, Snowflake/Splunk, and Swimlane/DeMisto.
• Expertise with commercial and open-source digital forensic toolsets like Encase, AccessData, SIFT, and Axiom.
• Flexible working hours are required to support a global operation.

Key Skills/Competency

• Incident Management
• Cybersecurity Response
• OSINT
• Red Team/Blue Team
• Security Controls
• Digital Forensics
• SIEM/SOAR
• Network Security
• Information Security Risk
• Threat Intelligence