Origence is looking to hire a talented Manager, Cybersecurity (Vulnerability and Operations)!
As the Manager of Cybersecurity (Vulnerability and Application Security), you will play a key role in ensuring the security and integrity of our digital assets and IT systems. You will lead a team of cybersecurity professionals, collaborating with cross-functional teams to assess, remediate, and prevent security vulnerabilities in our applications and infrastructure. Additionally, you will play a crucial part in monitoring for and responding to security incidents, coordinating with relevant teams to ensure swift resolution. Your practical experience and expertise will be essential in shaping and executing the overall cybersecurity strategy while staying informed about the latest threats, industry best practices, and emerging technologies
What you will do:
Team Leadership and Development
- Lead, mentor, and inspire your direct reports, fostering a collaborative and growth-oriented work environment.
- Conduct performance evaluations, set goals, and provide ongoing feedback and coaching.
- Define and track key performance indicators (KPIs) for the cybersecurity team to measure their effectiveness and contributions to the organization's security goals.
Security Operations
- Support the Security Operations team in monitoring and responding to security incidents and breaches.
- Collaborate with Incident Response teams to ensure timely identification, containment, and resolution of security incidents.
- Participate in security incident simulations and help refine incident response procedures.
Application Security
- Lead and guide the team members in conducting security assessments, code reviews, and penetration testing of new and existing applications.
- Work closely with software development teams to integrate secure coding practices throughout the software development lifecycle.
- Champion the adoption of security tools, frameworks, and best practices to strengthen application security posture.
Vulnerability Management
- Oversee the identification, assessment, and prioritization of security vulnerabilities across our systems, networks, and applications.
- Develop and implement vulnerability scanning and assessment processes, ensuring timely and effective remediation of identified issues.
- Collaborate with the IT and development teams to address and close security gaps in applications and infrastructure.
- Provide regular reports on the status of vulnerabilities, risk exposure, and remediation efforts to senior management.
- Ensure compliance with relevant cybersecurity regulations and standards
Ongoing Education
- Keeps abreast of innovations and industry trends as well as changes to internal systems and determines how they impacts tools, training, and support necessary to keep systems up, running, and secure
- Participates in and contributes to learning activities around modern systems engineering core practices (communities of practice)
- Leads learning efforts inside the organization focused on systems engineering
- Proactively views articles, tutorials, and videos to learn about new technologies and best practices being used within other technology organizations
The ideal candidate:
Education:
- Bachelor of Science Degree in Systems Engineering, Electrical Engineering, Computer Sciences, Computer Engineering, Information Security, or other related engineering degree.
Experience:
- Industry recognized security certifications; CISSP: Certified Information Systems Security Professional, CISM: Certified Information Security Manager, GIAC: SANS Global Information Assurance Certification, vendor certifications such as Azure Security Engineer (AZ500), etc.
- 13+ years’ experience in an Information Technology role, with 8+ years specific to an Information or Cybersecurity role that include expertise in design, development, and deployment of complex highly available, and secure, integration solutions.
Specialized Skills:
Expert level experience/understanding in as many of the following Security concepts and technologies as possible:
- Architecture and Design
- Web Application Development Experience
- Web Application Penetration Testing Experience
- Container Orchestration
- Understanding of DevSecOps Tooling and Workflows
- Security Testing/Code Scanning Experience (DAST/SAST/RASP/IAST)
- Continuous Integration and Deployment (CI/CD) Experience
- Modern Operating Systems
- Database Systems
- Source Code Repositories
- SSDLC
- AWS Cloud Infrastructure
- Azure Cloud Infrastructure
- Containerization Platforms
- Git
- Web Application Firewall
- Software Development
- Proficient with Programming/Scripting
- Cloud Technology Platforms, IaaS, PaaS, SaaS
- Network Intrusion Prevention/Detection (IPS/IDS)
- Security Information and Event Management (SIEM)
- Virtual Private Networks; SSL, IPSec and Site-to-Site
- Public Key Infrastructure (PKI)
- Network Access Controls (NAC)
- Next-Gen enterprise class firewalls
- Encryption technologies
- Vulnerability scanning tools
- Application scanning tools
- Outstanding interpersonal skills, effective communication with internal and external personnel of all levels.
- Extensive ability to estimate, plan, lead and execute complex technical projects while working independently and/or in a team.
- Strong technical expertise in cybersecurity principles, tools, and methodologies.
- Solid understanding of security operations, incident response, and threat intelligence.
- Familiarity with industry-leading security frameworks and standards.
- Excellent communication skills with the ability to convey complex technical concepts to both technical and non-technical stakeholders.
- Demonstrated ability to drive change and improve cybersecurity practices within an organization.
Perks and Benefits:
- Flexible Working Environment
- Paid Time Off
- 401k (8% match)
- College Tuition Benefits/ Tuition Reimbursement
- Great Health and Wellness Benefits options
- Company Culture! Cultural and Holiday celebrations, Theme days like Star Wars Day & Bring your Kids to Work Day, Monthly Townhalls and Quarterly Company Meetings that ensure awareness, inclusion, and transparency.
The starting salary range for this full-time position located in Irvine is $147900- $184900 per year. This base pay will take into consideration internal equity, candidate’s geographic region, job-related knowledge and experience among other factors. Origence maintains a highly competitive compensation program. Under company guidelines, this position is eligible for an annual bonus to provide an incentive to achieve targeted goals. Bonuses are awarded at company’s discretion on an individual basis.
Origence is an equal opportunity employer. All recruitment, hiring, training, compensation, benefits, discipline, and other terms and conditions of employment will be based upon an individuals’ qualifications regardless of race, religion, color, sex, gender identity, sexual orientation, national origin, ancestry, military service, marital status, pregnancy, age, protected medical condition, genetic information, disability or any other category protected by federal, state or local law.
