IT Engineering Manager
Description:
Overview:
Joining Beacon Building Products as an IT Cybersecurity Manager means becoming part of a values-driven organization. Our core principles guide everything we do: putting people first, prioritizing safety, doing what's right, taking pride in our work, continuously improving, and making significant strides towards a more future.
Be part of BUILDing a better tomorrow with Beacon, a leading Fortune 500 distributor of roofing materials and complementary building products in the United States and Canada. At Beacon, you'll be part of a company committed to making a difference.
What you will earn::
• Competitive Pay: We make sure that your hard work is recognized.• Medical, Dental, and Vision Benefits: Experience the peace of mind that comes with our comprehensive benefits package designed to prioritize your well-being.• Employee Stock Purchase Plan (ESPP): Bolster your financial growth. Invest in your future and become a stakeholder by purchasing company shares at a 15% discount twice annually.• 401(k) Match: Ensure a secure future with fair matching of your retirement contributions.• Paid Leave: Recharge and find work-life balance, flexible parental leave for quality family time, generous sick leave, and enjoy paid time off, company holidays, and floating holidays to unwind and pursue personal interests.• Paid Training and Advancement Opportunities: Open doors to exciting possibilities by engaging in our dynamic learning programs, which include the opportunity to earn valuable certifications.
What you will do::
The IT Cybersecurity Manager is primarily responsible for providing leadership, as well as operational and tactical direction to the cybersecurity team. The security manager leads the team through the information security program by establishing highly effective policies, corporate protocols, and appropriate collaboration among teams. In addition, this leader assumes responsibility for the education and enforcement of those protocols and matters of compliance.
The Security Manager possesses a strong technical background and understands risk, mitigation, and technical controls. The manager is expected to lead teams that perform technical work and must possess leadership qualities.
This position requires strong written and oral communication skills, as well as the ability to communicate detailed, technical information in a manner comprehensible by individuals at varying degrees of experience and skill level.
Duties and responsibilities
Analyzes technologies and establishes highly effective processes and protocols to ensure comprehensive protection exists to prevent unauthorized entry into the company networks and systems.
Supports automation and orchestration to maximize team talent and reduce routine tasks.
Leads by example to create a culture where employees want to work.
Mentor security team and places a heavy emphasis on employee retention – people, first.
Leads the team to implement secure enterprise systems and identifies issues that could compromise data integrity or security.
Recommends necessary changes to the information security team to ensure the company’s systems are fully compliant with all applicable regulatory requirements and privacy laws.
Provides periodic training to company employees on information security topics.
Stays abreast of the security industry threat landscape.
Recognizes his/her personal developmental needs and is proactive in obtaining the coaching, networking, and training needed to ensure his/her continued success in the position.
What you will bring::
Preferably 10+ years of technical hands-on security experience, with at least 3-5 years in a team lead or supervisor role.
Related technical certification, or degree in one of the following fields:Information Technology
Science or Computer Science
Management
Demonstrates strong written and oral communication skills.
Applicable knowledge of adversary tactics, techniques, and procedures (TTPs), MITRE ATT&ACK framework, CVSS, open-source intelligence (OSINT) and deception techniques.
Demonstrated ability to investigate, handle and track incidents.
Proficient in SIEM, intrusion detection and prevention systems (IDS/IPS), threat intelligence platforms and security orchestration, automation, and response (SOAR) solutions to centralize and manage incident and remediation workflow.
Ability to analyze incident logs, assess malware, and understand vulnerabilities and exploits, along with strong operating systems knowledge (Windows, Mac, Linux).
Experience in incident handling, vulnerability management, hacking tools, intelligence gathering and kill chain methodology.
Proven threat hunting experience and ability to track adversaries.
Proficient with Python, PowerShell, and Bash.
Possesses a high level of integrity, trustworthiness, and confidence, and represents the company and its management team at the highest level of professionalism.
Leverages subject matter expertise in security and compliance.
Works effectively with a variety of personalities and can adapt his/her approach to effectively reach and develop his/her team. Uses this skill as well as his/her functional knowledge to both earn and maintain a high level of credibility with the team.
Demonstrates solid organizational skills and the ability to multi-task, prioritize workload and delegate responsibilities.
Effectively manages stress in a constantly changing environment.
Demonstrates excellent judgment and the ability to make quick decisions and think outside the box when working in complex situations.
Demonstrates strong analytical skills and is effective at interpreting and applying applicable regulations.
Capable of working with diverse teams and promoting an enterprise-wide positive security culture.
Working conditions
Minimal travel requirements as needed for business purposes
Work assignments may be completed remotely and available company offices/branches within respective markets
Physical requirements
Prolonged periods sitting at a desk and working on a computer and/or keyboard
Heavy methods of verbal and auditory communication via phone, virtual calls, and/or email
Permanent