POSITION SUMMARY

The Security Engineering Manager will implement a Cybersecurity Engineering practice and lead the overall security engineering team including, threat and vulnerability management (TVM), network security, code security and technical security assessments of vendors, tools, and projects.

This position will provide direction and guidance to the development, specifications, and communications of the applications and architecture, as well as provide in-depth technical consultation to the business units and IT management and assist in developing plans and direction for the integration of information security requirements.

ESSENTIAL DUTIES AND RESPONSIBILITIES

• Aligns TVM, Network Security, Code Security, and related processes across the organization, and develops and documents standards for organizational use.
• Manages the development and implementation of vulnerability management and governance practices, frameworks, and playbooks to ensure consistency, quality, reliability, and integrity.
• Understands business and information technology management processes and demonstrates advanced understanding of business processes, internal control risk management, IT controls and related standards.
• Facilitates the use of technology-based tools or methodologies to review, design and/or implement products and services to provide a strong program that balances access with compliance and confidentiality.
• Identifies and evaluates complex business and technology risks, internal controls that mitigate risks, and related opportunities for internal control improvement.
• Identifies the broader impact of current decisions related to user access, data access and information security.
• Develops and expands vulnerability management, identity management, network security processes, tooling, and maturity.
• Monitor external threat intelligence and vulnerability feed in coordination with the SOC function, conduct research on emerging threats, and identify and deploy solutions to prevent such threats.
• Develops and expands key metrics for both executive and internal customer visibility to security posture.

SKILLS/KNOWLEDGE/ABILITIES

• Strong oral and written communication skills
• Ability to lead and manage a team independently.
• Ability to translate security-related matters into business terms that are clear and understandable to executives.
• Able to work with program management and procurement to ensure financial and delivery commitments are maintained.
• Ability to work in cross-functional teams, including Network Operations, Cloud Operations, etc.
• Take a project, WBS, assign tasks to team.
• Thinks outside the box when designing systems and solutions.
• Able to navigate a demanding and high-pressure environment.
• Can think strategically and incorporate business needs into technical roadmaps.
• Strong problem-solving and trouble-shooting skills

EDUCATION and EXPERIENCE

• Minimum of ten (10) years of progressive experience in cybersecurity, with at least four (4) years in a leadership role
• Undergraduate degree in computer science, information systems, cybersecurity, or a related field preferred.
• Experience working in the financial services industry strongly preferred.
• Solid understanding of project management principles.
• Experience working with security concepts in a hybrid cloud environment.
• Hands of experience in managing an enterprise vulnerability management program
• Possess knowledge and experience in the areas of Cloud Platform Security, M365 Security, Application Security, Code Security, Data Security, End Point and Mobile Security, and Infrastructure and Network Security
• Experience ensuring controls are implemented/automated into the SDLC.

CERTIFICATIONS, LICENSES, and/or REGISTRATION

• CISSP, CISM, GSLC, GPEN or other security certification preferred.
• Project Management Professional (PMP) certification preferred. 

LOCATION and COMPENSATION

• This is a fully remote position with occasional travel required.
• Base compensation is expected to be $170-230k with the opportunity for incentive compensation including bonus compensation. 

PHYSICAL DEMANDS and WORK ENVIRONMENT

The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job.  Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

While performing the duties of this job, the employee is regularly required to sit and use hands to handle, touch or feel objects, tools, or controls.  The employee frequently is required to talk and hear.  The noise level in the work environment is usually moderate.  The employee is occasionally required to stand; walk; reach with hands and arms.  The employee is rarely required to stoop, kneel, crouch, or crawl.  The employee must regularly lift and/or move up to 10 pounds.  Specific vision abilities required by this job include close vision, color vision, and the ability to adjust focus. The noise level in the work environment is usually moderate.

EEOC

Bayview is an Equal Employment Opportunity employer.  All aspects of consideration for employment and employment with the Company are governed on the basis of merit, competence and qualifications without regard to race, color, religion, sex, national origin, age, disability, veteran status, sexual orientation, or any other category protected by federal, state, or local law.