Manager, Security Operations & Engineering (Fully Remote)
Posted on: January 16, 2022
At Aqua, a subsidiary of Essential Utilities, Inc., we know that
water is a precious resource - one that plays a critical role in
sustaining life. That's why we take seriously our mission:
protecting and providing Earth's most essential resource. At Aqua,
we are guided by a set of principles that embody the character of
our company and inspire our work together. They are embedded within
our business practices and our behavior. We are proud to be united
by integrity, respect and the pursuit of excellence to be the best
we can be for the customers and communities we serve.
Together, the women and men of Aqua, a subsidiary of Essential
Utilities, Inc. serve 1 million customers across eight states. Aqua
uses science, technology, capital investments, and amazing talent
to provide communities with clean, safe drinking water and
responsibly return wastewater to our rivers and streams. Join our
team and make a difference!
Are you looking for a fantastic career at Essential? We have a
great opportunity for a Manager, Security Operations and
Engineering. The candidate will work under the general direction of
the Information Security Director. This candidate will be the
technical team leader who leads the development and operation of SOC
functions and engineering related to security technologies. The
manager will provide thought leadership and strategic vision to
ensure the development and operation of safe and secure Information
Technology (IT) and Operations Technology (OT). As an expert in
security operations, incident response and security engineering,
this position will collaborate and partner with other security and
technology teams regularly.
Oversees and manages all aspects of security operations and
engineering services, capabilities and third-party
Manages the security operations and engineering team. Interviews,
hires, sets high performance standards, and manages performance in
accordance with all applicable HR policies and procedures. Creates
an energized work environment, fostering an atmosphere that enables
employee trust and engagement. Inspires confidence and motivates
others to perform at their best. Develops and coaches staff while
effectively addressing performance issues.
Plans and executes regular incident response and postmortem
exercises, with a focus on creating measurable benchmarks to show
progress or deficiencies requiring additional attention.
Leads threat hunting activities. Uses red team and threat modeling
methodologies to ensure security architecture accounts for the
Manages security event investigations, partnering with other
departments as needed.
Continuously reviews, evaluates and updates SOC policies and
procedures to account for the constantly changing threat
Participates with Information Security leaders on developing and
maintaining security standards, policies, procedures, and
Leads project risk and threat assessments.
Ensures security operations team responds to and handles service
support and escalation tickets within SLA expectations.
Manages the portfolio of security technologies and services used
for protection, detection, and response.
Participates in all phases of the SDLC and project life cycles as
needed for corporate initiatives - design, build and operate,
ensuring technology initiatives align and comply with internal
security policy and standards as well as support frameworks such as
Sarbanes Oxley, NIST, CSF and Critical Security Controls.
Creates and maintains documentation for security architecture,
services, configurations, and processes.
Participates in the development of standard update reports, score
cards, and trend summaries to communicate the performance and
health of the security program at regular intervals.
Assists with other tasks or projects as assigned.
Bachelor's degree in Information Technology, Computer Science,
Cybersecurity, Computer Engineering, Security and Risk Analysis,
Information Security & Assurance or a related field.
A minimum of 5 years in a principal or senior level role for
security operations, incident response or security engineering.
Previous experience with Industrial Control Systems, SCADA, and OT
Strong SIEM management experience with Splunk Enterprise/Enterprise
Experience with both offensive (red team) and defensive (Blue team)
Deep experience with EDR & EPP platforms. Preferred experience
with Carbon Black Response, Protect and Defense or similar
A minimum of one of the following certifications will be required
to obtain within the first 12 months: CISSP, ISSAP, GCIH, GRID,
GPEN, GCIA, GCTI, GCFA, GDAT, CISM
Knowledge, Skills, And Abilities
Strong knowledge of Windows, Linux, Databases, Web Applications and
Knowledge of security engineering principles in NIST 800-160 and
incident response principles in NIST 800-61.
Subject matter expertise in security information and event
management (SIEM) systems, threat intelligence, intrusion detection
and prevention systems (IDS/IPS), file integrity monitoring (FIM),
data loss prevention (DLP) and other network/system monitoring
Strong problem-solving skills.
Strong understanding of networking, including enterprise level
firewall engineering experience, with Palo Alto Networks or other
NGFW experience preferred.
Experienced and well versed in incident response and digital
forensics, including investigations, chain-of-custody methods,
IR/forensic tools and best practices.
Proficient in scripting in PowerShell, Python, Bash or similar
Exceptional written and verbal communications skills to work
directly with multiple technology teams as well as IT
Ability to articulate technical concepts and security risk clearly
in business-oriented language.
Ability to use models and techniques such as ATT&CK, ATT&CK
for ICS, Diamond Model and Kill Chain Analysis.
Ability to work well under pressure.
Ability to lead or participate in purple teaming efforts to measure
security effectiveness, identify and remediate issues in the
Ability to work on multiple projects simultaneously and adapt to
changing priorities in a fast-paced environment.
A team player able to work effectively in a team fostered
Availability to support security in a 24x7 environment
Under normal conditions, periodic travel is required (up to
COVID-19 Vaccination Requirements
Essential Utilities and its subsidiaries, including Aqua, Delta,
and Peoples Natural Gas, require new hires to be fully vaccinated
against COVID-19, where allowable under the law. To satisfy this
requirement, new hires who received the one shot regimen of the
Johnson & Johnson vaccine must receive the one dose shot prior to
their first day of employment. Proof of vaccination must be
provided on your first day of employment. For the two shot regimen
of either Pfizer or Moderna, a new hire must have received at least
one dose of the vaccine before their first day of employment. Proof
of the second dose date must be received within the recommended
timeline based on the manufacturer's vaccine received. For example,
for Moderna as soon as the 28 day period has elapsed and for Pfizer
as soon as the 21 day period has elapsed. Failure to provide proof
of your COVID-19 vaccination status will result in the termination
of your employment with Essential Utilities including its
subsidiaries Aqua, Delta and Peoples Natural Gas.
If you are unable to be fully vaccinated due to a medical or
religious exemption, you will be required to apply for an exemption
on your first day of employment with Essential Utilities. As part
of the process, you will be required to provide information and/or
documentation to Human Resources about the reason(s) you cannot be
vaccinated. If your request for an exemption is not approved, then
your employment may be terminated.
Aqua, a subsidiary of Essential Utilities, Inc. is an Equal
Opportunity / Affirmative Action employer. Equal employment
opportunity is provided to all employees and applicants for
employment without regard to the following legally protected
characteristics: race, color, religion, sex, national origin, age,
pregnancy (including childbirth and related medical conditions,
including medical conditions related to lactation), physical or
mental disability, covered-veteran status, genetic information
(including testing and characteristics), sexual orientation, gender
identity or expression or any other characteristic protected by
applicable local, state or federal law.
Aqua, a subsidiary of Essential Utilities, Inc. is committed to
providing reasonable accommodation to individuals with
disabilities. If you have a condition that may prevent you from
applying for a job online or need to request an accommodation
during the interview process, please call (1-877-271-9012).