- Lead the enterprise-wide security incident management and response.
- Review, evaluate, and enhance incident detection and response capabilities by periodic review of tools, processes, and IR playbooks.
- Ability to handle 24/7 operations with a hybrid operating model (in-house + MDR) to gain the maximum efficiency and business benefits.
- Generating security metrics that align with business risks, reports, and dashboards for management consumption.
- Lead efforts to automate incident triage and response using SOAR, and expand advanced threat hunting capabilities.
- Provide functional direction and support for daily support activities.
- Develop and mentor staff through open communication, training, and development opportunities.
- Develop strategic goals to transform the Security operations center to be ready for the changing threat landscapes and evolving challenges.
Required Skills:
- Minimum 5 years of leading a security team, with experience managing a security incident detection and response program.
- Creative thinker with exceptional business, strategic, analytical, management, and relationship management skills.
- Strong knowledge of networks, operating systems, cryptography, preventive, detective, and offensive security solutions.
- Experience working with cloud services like Amazon Web Services, Google, and Microsoft Azure Cloud.
- Excellent understanding of information security concepts, protocols, tools, industry best practices, and strategies.
- Focus on a business-appropriate, measured response, strong time management, effective prioritization, and a proper sense of urgency in day-to-day security operations.
- Ability to identify needs, take the initiative, and prioritize work efforts balancing operational tasks with longer-term strategic security efforts.
- Experience in designing, implementing, and measuring relevant security and technology management critical success factors, key performance indicators, and metrics.
- Experience working with security detection/prevention platforms like EDR, container security, identity products, vulnerability management products and processes, Microsoft security platforms, data protection platforms, threat/brand intel and identity intelligence, SIEM, SOAR platforms, etc.
- Experience working with industry-standard forensics tools (X-Ways Forensics, EnCase, AccessData, SIFT, FTK).
- Excellent understanding of standard audits such as PCI, SOC2, ISO27001, and SOX.
- Security certifications such as CISSP.

Keyskills: Relationship management, Automation, Technology management, HP data protector, Analytical, Information security, Training and Development, Cryptography, Security operations, Operations