Manager of Cyber Security (Leadership, SIM, EDR, Cloud Security) - Remote

We’re a 45 year-old, $8 billion national tool retailer with the energy, enthusiasm, and growth potential of a start-up. We have over 1,500 stores in 48 states across the country and are opening several new locations every week. We offer our customers more than 7,000 tools and accessories, from hand tools and generators to air and power tools, from shop equipment to automotive tools. We provide our customers with the right tool for the right job at the right price, always delivering quality and value.

The Manager of Cyber Security will provide leadership and “hands on” technical expertise for the security of network, systems, application and E-Commerce operating environments.

Essential Duties and Responsibilities:

• Manages a team of cyber security engineers and analysts
• “Hands-on”, line-level management of security resources
• Provides threat counter measures and risk mitigation solutions
• Works with intrusion protection and monitoring systems to drive improvements
• Leads incident response teams to contain and eradicate threats
• Designs and implements enterprise malware prevention systems
• Develops effective counter measures to security threats
• Designs, builds, and implements security network, system and data controls, monitoring and configuration management tools
• Performs computer forensics work as needed
• Creates, enhances, and executes all processes related to the security architecture & engineering
• Develops and enhances the Security Information & Event Management (SIEM) system
• Develops and enhances log monitoring systems
• Develops security gates processes for review and approval of new IT solutions
• Works as a liaison between IT, the lines of business, and Information Security to ensure full and complete implementation of security controls, standards, and policies
• Manages and maintains technical controls and processes for PCI and ITGC compliance in the systems and applications areas
• Assists IT Infrastructure and Operations with remediation planning and implementations
• On-site and in-person presence is required
• After hours work, shift work, and on-call will be required
• Regular attendance is an essential function of the job

Qualifications – Education and Experience:

• Bachelor’s Degree required
• 3-5 years of IT security experience
• 1-2 years management of technical security resources
• Strong experience with SIEM, EDR and Cloud Security tools
• Solid understanding of security concepts, principles and practices
• Expert level understanding of TCP/IP and networking concepts
• Experience with Managed Security Services Providers (MSSP)
• Subject matter expertise in one or more areas of operating system security (Windows, Linux)
• Experience with threat and vulnerability management and countermeasures
• Experience with security event monitoring and incident response
• Experience with log management and SIEM reporting tools and development
• Process, procedure, and standards development experience
• Good customer service skills
• Solid team player with a “can do” attitude
• Excellent written and oral communication and documentation skills
• Ability to perform after hours, shift work, and be on call during designated periods
• Past security training and certifications (such as CISSP, SANS) are preferred

The anticipated salary range for this position is $144,200 -$216,300 depending on location, knowledge, skills, education and experience. This position is also eligible for an annual discretionary bonus. In addition, we offer comprehensive and competitive benefits to Associates (and their families) such as medical, dental, vision, life insurance, short-term and long-term disability. Eligible Associates are able to enroll in our company’s 401k plan, as well as a deferred compensation plan. Associates will accrue paid time off up to 236 hours per year, (inclusive of PTO, floating holidays and paid holidays). Paid sick time up to 80 hours per year unless otherwise required by law.