Manager, Security Operations

The Security Operations Manager will manage key access management, technology controls, resilience, and cybersecurity efforts under the direction of Infrastructure & IT Operations and in concert with the divisional CISO. This role will help develop vulnerability and risk management processes, oversee their implementation, and analyze company databases to identify and address potential security risks and vulnerabilities. Partner strategically with other internal teams and external stakeholders to design, adopt, and integrate appropriate controls, deliver consistent processes and solutions, and promote control automation. To support these efforts, a successful candidate will have in-depth knowledge of industry trends, standards, and proficiency with the latest cybersecurity tools and processes.

The Security Operations Manager provides knowledge transfer on best practices and may be responsible for training IT and business members.

Primary Duties and Responsibilities:

• Manage the operational, technological, and legal risks associated with the business.
• Establish proper governance to control and proactively spot problems, vulnerabilities, and changes in the underlying systems’ risk profile.
• Help application, product, and information owners understand the overall risk profile so that the proper controls may be introduced.
• Proactively identify, assess, and manage inherent risks in our system and promote a risk-mitigating culture.
• Identify threats, risks, vulnerabilities, and relevant mitigation methods to support risk decisions and carry out security risk assessment operations.
• Drive transparent, quantifiable, and long-lasting control improvements by working together with the CISO, audit, compliance, business control management, and technology teams.
• Provide clear direction to business, product, and technology stakeholders so they can manage their risks effectively.
• Manage the access provisioning function to ensure effective IAM governance.
• Other duties as assigned

Education and Experience Profile:

• Bachelor’s degree in computer science, information security or a related field
• 5+ years of experience in technology or IT risk management
• Experience supporting and securing infrastructure and applications.
• Certifications like CISSP, CRISC, CISA, CISM, and CCSP

Required Skills:

• Proven track record in risk management, preferably in the audit or compliance activities, technology, or other pertinent control functions
• Proficient with firewalls, endpoint security, mobility management, and vulnerability scanning
• Demonstrated expertise in the management of technology and application risks and controls.
• Ability to build effective working relationships with teammates, subordinates, coworkers, and external organizations who are spread out geographically and from different cultural backgrounds.
• Demonstrated aptitude for analysis and problem-solving.
• Excellent communication skills in writing, speaking, and presenting.
• Outstanding interpersonal, negotiation, and persuasive abilities
• Strong organizational skills and the capacity to multitask successfully.

Work Environment:

• Hybrid, remote may be considered.
• Possible participation in after-hours on-call duties and/or on-call rotation.
• Up to 25% travel may be required for strategic planning and support activities.

The above information is designed to indicate the general nature and level of work performed by employees within this job/classification. It is not designed to contain or be interpreted as a comprehensive inventory of all duties, responsibilities, and qualifications required of employees assigned to this job.

Pay Range: $123,811-$181,590

This “base salary range” is a reasonable estimate for this position at the time of posting. Pay within each range is based on a variety of factors including, but not limited to, to primary work job-related knowledge, skills, experience, business requirements and geographic location. ASSA ABLOY conducts regular review of compensation ranges and therefore reserves the right to alter this range at any given time.