Please reach me at / if available and interested.
Minimum experience: 10+ years
The Security Practice Manager plans and directs security development, pre-sales and post-sales. This position is accountable for helping ensure alignment and delivery of all security services and solutions. This role requires extensive IT security knowledge, as Client delivers security consulting and managed security services to customers, ranging from governance and risk assessments to penetration testing, security product implementation, managed security services and managed compliance services.
Duties and responsibilities:
Ability to work with customers during the pre-sales stage to understand the various security controls in place in order to determine gaps and recommend products and consulting work effort to close those gaps. Ultimately help decide the process and technology controls to be recommended to the customer. Experience reviewing penetration tests, risk assessments, and IT audits, and with the implementation of the related technology recommendations, such as access control tools, privileged account management, vulnerability testing, and perimeter security such as NGFW, two-factor, and Cloud Access Security Brokers (CASB), is strongly preferred.
Create and maintain core messaging, pre-sales strategy and post-sale delivery
Support Account Executives and Solution Architects to assess, qualify, position and close sales opportunities
Develop SOWs, including the phases, scoping, pricing, and specific tasks to be performed for the customer.
Create and maintain all security practice messaging
Facilitate partner development and management
Evaluate and recommend security products and delivery partners
Continued development and evolution of the Security Practice
Thorough knowledge and understanding of security best practices, operations, regulations and solutions including NIST CSF, ISO, PCI, and HIPAA.
Excellent knowledge and understanding of information risk concepts and principles as a means of relating business needs to security protocols.
Excellent understanding of information security concepts, protocols, industry best practices and strategies.
Good understanding of system technology security testing (vulnerability scanning and penetration testing).
Knowledge of systems, applications, databases, middleware to address security threats against the same.
Proficient in preparation of reports, dashboards and documentation
Knowledge of common Internet protocols, network analysis, and network/security applications
Ability to multi-task, prioritize, and manage time effectively
Excellent interpersonal skills and professional demeanor
Excellent verbal and written communication skills
Proficient in Microsoft Office Applications
Experience in performing vendor management
Ability to handle high pressure situations with key stakeholders
The successful Security Practice Manager will possess the personality traits, work habits, communication, and social skills necessary to work effectively within a dynamic and highly operational environment. This person will have exemplary personal and professional integrity and demonstrate strong interpersonal skills. In addition, the qualified candidate will have a strong desire to succeed in a nationally and internationally recognized operational environment.
Qualifications include: (Having all the certifications mentioned below is not required)
Bachelor's or Master's degree in a related field or equivalent demonstrated experience and knowledge
Applicants must have the ability to work in the U.S. without sponsorship and a valid driver's license
Proven experience in information security, including developing information security policies and plans
Experience in security remediation processes and technologies including patch management, change management, incident response, vulnerability management, and access control. Specific product experience is a plus.
Strong decision-making, analytical & problem-solving skills to provide direction, identify & resolve issues
Strong communication, facilitation, presentation, and training skills to communicate with a diverse group of employees and vendors
Proven ability to manage multiple vendors and their alignment
Security Consulting background a plus
Security Essentials Certification (GSEC)
Certified Ethical Hacker (CEH)
Certified Penetration Tester (CWAPT)
Certified Information Systems Manager (CISM)
Certified Information Systems Security Professional (CISSP)