Your Journey at Crowe Starts Here:

At Crowe, you have the opportunity to deliver innovative solutions to today's complex business issues. Crowe's accounting, consulting, and technology personnel are widely recognized for their in-depth expertise and understanding of sophisticated process frameworks and enabling technologies, along with their commitment to delivering measurable results that help clients build business value. Our focus on emerging technology solutions along with our commitment to internal career growth and exceptional client value has resulted in a firm that is routinely recognized as a "Best Place to Work." We are 75 years strong and still growing. Come grow with us!

Job Description:

The Security Operations Leader manages a team of information security professionals; this includes making hiring decisions, personnel reviews, work assignments, and day-to-day team management. This position is a Subject Matter Expert (SME) for various security technologies and serves as backup to other security technology SMEs. The Security Operations Leader oversees and operates security programs related to application security, vulnerability management, event monitoring and incident response, risk analysis, and security assessments for various firm assets and environments. This position reports to the Information Security Director and is expected to provide them with thought and strategy leadership for firm security, as well as to other upper management individuals within the firm.

Responsibilities:

• Security Operations team management (i.e., personnel decisions, performance reviews, career development for coachees, manage team and project budgets, etc.)
• Advisory to security leadership for strategic planning and risk management initiatives
• Stay abreast of the latest security trends and monitor firm technology and operational risk factors and make recommendations to upper management
• Manage projects to enhance existing security programs, as well as design and implement new security tools and procedures for the firm
• Serve as the Subject Matter Expert for the following firm security technologies and programs
  
  • Application Security Program - Static code analysis, web application testing, container security monitoring, third-party penetration testing, communication of findings to stakeholders
  • Vulnerability Management - Domain mapping, deployment of automated scanning agents, manage remote scanning, remediation tracking
  • Event Monitoring and Incident Response - Develop event monitoring and incident response procedures, deploy event monitoring solutions in critical environments, manage security tool configurations for enhanced protection and monitoring (e.g., EDR, SIEM, AV, firewalls, cloud security tools)
• Risk Analysis - Review threat and vulnerability data from various sources to prioritize remediation projects
• Security Assessments - Cloud security assessment, manual application security testing
• Serve as the backup Subject Matter Expert for the following firm security technologies
  
  • Security Information and Event Management (SIEM)
  • Enterprise database encryption

Qualifications:

• In-depth knowledge and practical experience with industry standard security tools, including deployment, administration and usage, is needed maintain firm security programs owned by Security Operations.
• A firm understanding of IT and Security fundamentals is required (Infrastructure, Operating Systems, Virtualization, Networking Concepts, Commands and Scripting, Network Security, Operational Security, Threats, Host Security, Access Control, Cryptography, etc.). This knowledge is necessary for designing effective event monitoring, security testing, and remediation plans for business applications and systems in the environment.
• Technical knowledge of vulnerability assessment and exploitation, and practical experience with risk analysis and mitigation strategies are necessary to perform security testing, and to work with other stakeholders to design effective remediation plans.
• Technical knowledge of security monitoring tools and practical experience with threat detection and incident response are necessary to perform event monitoring in this role.
• Maintain awareness of threat actors and attack trends, as well as those specific to the firm, to identify risks and provide recommendations to management in response to changing threat landscape.
• The ability to manage a number of projects, and be able to adjust quickly to changing priorities in a dynamic environment.
• Flexible, agile and able to manage work within ambiguity as necessary.
• Excellent organizational/project management and analytical skills.

Requirements:

• Bachelor's degree in Computer Science, MIS, Information Systems, or equivalent experience
• Industry certification(s) desired
• 3 years of team management
• 5 years in Information Security role
• Travel maybe required to perform job/project duties
• As required, work after-hours and during maintenance periods

#LI-Remote

Our Benefits:

At Crowe, we know that great people are what makes a great firm. We value our people and offer employees a comprehensive benefits package. Learn more about what working at Crowe can mean for you!

How You Can Grow:

We will nurture your talent in an inclusive culture that values diversity. You will have the chance to meet on a consistent basis with your Career Coach that will guide you in your career goals and aspirations. Learn more about where talent can prosper!

More about Crowe:

Crowe (www.crowe.com) is one of the largest public accounting, consulting and technology firms in the United States. Crowe uses its deep industry expertise to provide audit services to public and private entities while also helping clients reach their goals with tax, advisory, risk and performance services. Crowe is recognized by many organizations as one of the country's best places to work. Crowe serves clients worldwide as an independent member of Crowe Global, one of the largest global accounting networks in the world. The network consists of more than 200 independent accounting and advisory services firms in more than 130 countries around the world.

Crowe LLP provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws.