What are the responsibilities and job description for the Infrastructure Security Manager position at BuzzClan?
Job Description
We are seeking an experienced Lead / Manager of Infrastructure Security to join our team in Dallas, TX. This role is pivotal in safeguarding the company’s assets through comprehensive security strategies and policies. The ideal candidate will possess a strong background in security policy development, team leadership, and strategic planning.
Key Responsibilities
Security Policy Development:
Design, implement, and regularly update comprehensive security policies and procedures to protect the company's assets, including sensitive data and intellectual property. Ensure alignment with industry standards and regulatory requirements.
Team Leadership and Development:
Build, manage, and mentor a high-performing team of security professionals. Foster a culture of continuous learning through training sessions and professional development opportunities.
Strategic Security Planning:
Develop and execute long-term and short-term security strategies that align with business objectives. Ensure security considerations are integrated into the product lifecycle from design to deployment.
Engineering Collaboration:
Partner with engineering and development teams for design and architecture reviews. Conduct threat modeling and security assessments to identify vulnerabilities early in the development process.
Vulnerability Management:
Lead initiatives for security, vulnerability, and penetration testing (VAPT). Establish systematic approaches for identifying, assessing, and remediating security weaknesses across all systems.
Identity and Access Management (IAM):
Drive the development of IAM frameworks to manage user identities effectively. Ensure robust access controls are implemented to protect sensitive resources.
Security Operations Center (SOC) Management:
Oversee SOC operations, ensuring real-time monitoring, incident response, and threat intelligence analysis. Implement processes for threat detection and reporting.
Compliance Oversight and Auditing:
Enhance the organization’s compliance strategy through regular audits to ensure adherence to regulatory requirements like GDPR, PCI-DSS, and ISO 27001.
Application Security Testing:
Implement Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST) practices to identify vulnerabilities within applications throughout the development lifecycle.
Innovative Security Solutions:
Design new security systems, tools, and processes to address emerging threats. Leverage automation to enhance efficiency.
Stakeholder Engagement and Communication:
Engage with stakeholders across technical teams, management, and external partners. Clearly communicate security risks and recommendations for organizational alignment.
Performance Metrics and Reporting:
Establish KPIs to measure the effectiveness of security initiatives. Regularly report on security posture, incidents, and compliance status to senior leadership.
Cross-Functional Collaboration:
Collaborate with IT, legal, and operations departments to integrate security into business continuity planning.
Weekly Scrum Calls:
Facilitate weekly scrum calls to discuss ongoing projects, track progress, and address challenges.
Communication with Senior Leadership:
Maintain regular communication with senior leadership regarding updates on security initiatives and compliance status.
Future-Proofing Security Initiatives:
Continuously assess security strategies against evolving threats. Stay informed on industry trends to maintain a proactive posture.
Risk Assessment and Mitigation:
Identify potential security risks to the organization. Develop initiatives to mitigate these risks and present findings for informed decision-making.
Qualifications
Proven experience in infrastructure security management.
Strong understanding of regulatory requirements related to data protection.
Excellent leadership skills with a focus on team development.
Ability to communicate complex security concepts clearly to diverse audiences.
Experience with vulnerability management tools and methodologies.
Familiarity with IAM frameworks and SOC operations is preferred.
This position offers an opportunity to lead a dynamic team dedicated to enhancing our organization's security posture while collaborating across various functions. If you are passionate about infrastructure security and have a strategic mindset, we encourage you to apply.
