Job Description: Participate in the CISO-level Security Leadership Team, to represent Cloud Security and Security Platforms performance and interests, and to collaborate with peers and other Security leaders to achieve our goals.Participate in the Security Ops & Engineering Leadership Team, to ensure reliable service delivery and efficient use of all resources.Develop and manage Goals and Development Items for each team member, monitoring progress and supporting successful completion.Coach and lead employees and on/off-site contractors/consultants with respect to Ferguson strategic direction for approved Security, Technology, and Business technology initiatives.Continuously assess and align core and extended team member skills with strategic Security and Technology direction.Develop and maintain critical 3rd-party partnerships to flex Security Operations capacity and skill to meet resource demand.Inform and collaborate with Security Leadership team, regarding resource forecasting, skillset gaps, and other opportunities, to consistently anticipate demand, while meeting SLAs.Maintain enterprise-level relationships with Technology Leadership in all business units and subsidiaries, including partnering with local security leads to ensure consistent and quality execution of global Security responsibilities.
The Cloud Security and Security Platforms Manager provides vision and leadership for the operation and stewardship of Security technology, personnel, and processes that deliver Security services in a hybrid on-prem/cloud environment. This includes responsibility for monitoring and maintaining all platforms delivering Security services and their continual availability; performing configuration and administration of these services; partnering with the CISO and GRC functions to ensure that intents are achieved and compliance and regulatory requirements are met; and coordination of resources, schedules, and activities. The Manager must be able to provide thought leadership for the Security space, to coach and mentor the team, and to build and maintain strong partnerships with IT, Security, business, and third-party stakeholders, to ensure that Ferguson can execute its business plans.
**Position is approved to sit REMOTE, though preference would be that this Manager be within driving distance of the new HQ3 building in Newport News, VA.**
DUTIES AND RESPONSIBILITIES:
Leadership (50%)Build and maintain a diverse and high-performing team, through actively recruiting, hiring, training, coaching, developing, and rewarding team members.
IT Security Operations and Engineering (50%)Provide stewardship of people, process, and technology aspects of all Security platforms and Cloud-delivered Security services.Ensure that all Service Offerings are available and operating reliably.Ensure that all Service Offerings are aligned with the intent of Security Leadership and any published policies and/or standards, including development and/or maintenance of supporting processes used by the Cloud Security and Security Platforms teams.Ensure that personnel are cross-trained, to help others to develop and to ensure that there are no coverage gaps in service delivery.Establish and maintain good working relationships with all IT, Security, third-party, service consumer, and business stakeholders.Ensure that appropriate maintenance, monitoring, automation, and response procedures are in place, to meet Security and availability objectives.Ensure that employees and third-party resources conduct operations in a quality manner, in accordance with our ITIL and other documented processes.Gather, analyze, and report on service consumption and value delivered to customers, to ensure SLAs are met.Understand customer objectives and develop support strategies that map to Service Offerings.Ensure that the team operates within established budgets and timelines.Actively monitor new and emerging technologies, trends, issues, and solutions and assess their applicability to Ferguson's Security capabilities.Contribute requirements to technology selection process.Advocate for new/enhanced Security Service Offerings on behalf of Security Ops & Engineering and its customers.Partner with Security Architecture, to contribute to blueprints and roadmaps that ensure that our technology meets all business requirements and anticipates future needs, in a cost-effective manner.Partner with Security Delivery to ensure that all new Security technology deployments include appropriate support and run-book documentation and that Security Ops & Engineering team members are fully trained to take responsibility for monitoring, ongoing support, routine engineering, and operation of new security technologies.Partner with Security GRC team to monitor and enforce compliance with the organization's security policies and standards among employees, contractors, and third parties responsible for Platform and Cloud Security services.
Additional Job Duties and ResponsibilitiesAdhere to all policies, rules, regulations, and procedures.Perform other duties or functions as requested by management.Drive and report on Service restoration activities as required.
QUALIFICATIONS AND REQUIREMENTS: Current experience managing a team of 5+ full-time associates is required.Experience managing Cloud-based Security services strongly preferred.Experience as an individual contributor in and/or leading an IT Operations team strongly preferred.Experience managing contractors preferred.Six (6) years of experience in the Security space is strongly preferred, to perform at expectations.Strong organizational and time management skillsAbility to effectively lead and motivate individuals and teams, especially in a remote/distributed workforce environment.Strong ability to manage multiple sources of demand and related stakeholdersKnowledge of IT Operations best practices, including strategies and technologies for monitoring, alerting, automation, and return-to-service strongly preferred.Familiarity with available cloud-based Security services and controls, with Microsoft Azure and O365 strongly preferred.Ability to translate spoken and written policy requirements to technical controls.Ability to effectively communicate verbally and in writing, in person and remote.Fluent with Microsoft Office software (Outlook, Word, Excel, PowerPoint, etc.), preferably in O365.Certifications: not required, but Azure Fundamentals/AZ-900, Security Certified Practitioner, or Certified Information Systems Security Professional/CISSP a plus (current or expired)Working understanding of agile, SDLC, and QA methodologies preferred.Ability to work on cross-functional teams.Ability to work with all levels of the organization, from Executives to developers.Strong ability to apply logic, reasoning, and problem solving skills.Strong ability to prioritize work, establish timelines, and deliver by deadlines.
Physical RequirementsRequires working indoors in environmentally controlled conditions.Requires giving and/or receiving verbal communication.Requires giving and/or receiving written communication.Requires using a computer keyboard and mouse to create letters, memoranda, and reports.Requires sitting for extended periods.Ability to efficiently operate computers and mobile devices.
The Company is an equal opportunity employer as well as a government contractor that shall abide by the requirements of 41 CFR 60-300.5(a), which prohibits discrimination against qualified protected Veterans and the requirements of 41 CFR 60-741.5(A), which prohibits discrimination against qualified individuals on the basis of disability.