Manager, Cybersecurity Operations

Leave a Comment / 6 minutes of reading


Job title: Manager, Cybersecurity Operations

Company: Frontier Airlines

Job description: Description :

What Will You Be Doing?

The responsibility of this position is developing, executing, and maintaining a superior information security program that promotes resiliency by identifying and mitigating cyber risks and threats for the organization. The manager will contribute to, oversee execution, and provide oversight to the direction of Frontier Airlines’ security compliance initiatives. S/he will work with IT, business, and security team members to ensure that appropriate planning, communication, and execution of activities ensure the successful delivery of the cybersecurity program. The function will include active management of key services: security operations center (MSSP) management, firewall/IDS/proxy management, security logging/monitoring, cybersecurity incident response, vulnerability & security patch management, security configuration hardening, data loss prevention, computer security incident response, threat & brand intelligence, phishing management, pen testing, and program governance.

Essential Functions

  • Responsible for information security infrastructure including, developing strategic plans, and identifying key success factors; sets priorities and allocates the resources to achieve department and corporate goals.
  • Responsible for the ongoing and near real-time proactive monitoring, analyzing, investigating, tracking, and remediation of IT security events across the enterprise in an overall effort to minimize the potential for a breach of security or loss of data
  • Responsible for leading the monitoring of cybersecurity events (endpoints, servers, databases, network devices, mobile devices, etc.); investigate, validate, and support mitigation of alerts based on their risk and priority.
  • Provide strategic guidance for IT/Cybersecurity projects, including the evaluation and recommendation of technical controls.
  • Track project status, to ensure projects meet the approved deadlines and stay within approved budget.
  • Oversee portfolio of security projects to deliver on strategic cybersecurity initiatives.
  • Support development and dissemination of Cybersecurity training and awareness for organizational users, administrators, and developers.
  • Support the execution of data loss prevention initiatives; fostering collaboration with departments across the organization on privacy and data protection matters.
  • Manage the coordination of internal and external resources during forensic investigations.
  • Execute vulnerability management briefings, providing status updates, and direction on remediation actions to system, network, database, and application administrators.
  • Establish and maintain a set of procedures for identifying, prioritizing, implementing, and reporting security patches/configurations that resolve security exposures to the network and computing devices across the enterprise.
  • Oversee compliance hardening governance on endpoints, servers, virtual devices, network devices, databases, and applications. Conducting hardening checks of device configurations to determine version compliance and identify and mitigate weaknesses.
  • Conduct security assessments of application, network, and computing architecture before systems are placed in production.
  • Coordinate facilitation and remediation efforts for Red and Purple pen test teaming engagements.
  • Lead development and implementation of security policies, procedures, and documented security controls.
  • Develop risk metrics that measure overall cybersecurity risk exposure, and work with key stakeholders to define target thresholds, and report on results.
  • Maintain a PCI/SOX control database, inventorying control ownership, control objectives, and testing objectives.
  • Act as liaison with internal and external auditors for SOX and PCI audit concerns, facilitation of meetings, annual walkthroughs, and discussion of remediation activities for identified deficiencies.
  • Collaborate with control owners to validate effectiveness of security controls and ensure testability.
  • Oversee and drive remediation processes to address issues identified in security assessments, key financial application reviews, access control reviews, internal or external audits and/or other assessments.
  • Work closely with teams across the organization to ensure compliance with defined standards, identifying gaps and enhancing compliance.
  • Provide relevant and actionable reporting/presentations to stakeholders and executive management.
  • Strong working knowledge and implementation of cybersecurity frameworks and standards such as COSO, COBIT, NIST, and ISO.
  • Active awareness with current trends, technologies, regulations, threats, etc.; provide cybersecurity support to IT and business functional teams.
  • Support privacy, strategy, and tactics to ensure adequate procedures are in place to comply with new and existing privacy laws, regulations, and company policies.
  • Ability to demonstrate and apply knowledge of data protection regulation and laws to the environment, such as the CCPA, CPRA, HIPAA, GLBA, and CDPA.
  • Coordinate the third-party risk management (TPRM) / vendor risk services.
  • Provide guidance and mentoring to junior team members.

Qualifications

  • Bachelor’s degree required (Master’s degree a plus) in either: Business, Finance, Computer Science, Engineering, IT, or similar field.
  • Hold an active cybersecurity certification, such as CISSP, CISM, CISA, CRISC, or CEH (highly desired, or equivalent experience is acceptable).
  • 6+ years of experience in Cybersecurity, with 3+ years managing cyber security resources.
  • Experience with industry compliance standards such as PCI-DSS, HIPPA, NIST, ISO, ITIL, and SOC1/2.
  • Cloud security and/or network expertise (AWS, Azure, GCP).
  • Experience working in a 24x7x365 production support environment.
  • Experience with the airline industry a plus.

Knowledge, Skills and Abilities

  • Ability to facilitate a climate of cohesiveness, cooperation, and teamwork
  • A broad and thorough knowledge of security systems, Windows, Linux, TCP/IP is required. Proficiency in network traffic analyzing and packet analyzing is desirable. Experience with Cisco network products and end user support is desirable. Preferred industry certifications include: SANS, CISSP, CISA, PCI-DSS
  • Working knowledge of multi-tier applications and systems, desktop and server operating systems, server virtualization concepts, cloud, and basic infrastructure services such as DNS and DHCP
  • Exhibit leadership skills required to manage resources as well as projects deliverables
  • Self-directed IT professional with strong work ethics and excellent organizational skills
  • Strong oral and written skills both technical and non-technical
  • Ability to work in a fast paced, sometimes stressful team environment with the ability to adapt to new, different, or changing situations
  • Demonstrated troubleshooting approach and skills
  • Strong interpersonal, business management, and customer service skills

Equipment Operated

Firewalls, IPS, Wireless, Windows, Linux and a variety of security tools including the common open-source projects and commercial tools

Work Environment

Typical office environment, adequately heated and cooled

Will require being on call for afterhours and weekend support

Physical Effort

Light physical effort required by handling objects up to 20 pounds occasionally and/or up to 10 pounds frequently.

Supervision Received

General Direction: The incumbent normally receives little instruction on day-to-day work and receives general instructions on new assignments.

Positions Supervised

Information Security Engineers

Salary Range

$127,280 – $159,100

Please Note: This role will close April 12th 2024 at midnight (MT)

Disclaimer: The above statements are intended only to describe the general nature and level of work required of the referenced position; they are not intended to be an exhaustive list of all responsibilities, duties, and skills required of individuals in this position. Please be advised that duties and expectations of this position may be subject to change.

Frontier Airlines, Inc. is an equal opportunity employer and, as such, is committed to providing equal employment opportunities to all qualified applicants without regard to race, color, religion, sex, national origin, age, marital status, veteran status, sexual orientation, gender identity or expression, disability status, pregnancy, genetic information, citizenship status or any other basis protected by federal, state, or local laws. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.

Frontier Airlines is a Zero Tolerance Drug-Free Workplace. All prospective employees are subject to pre-employment testing for the following drugs and their metabolites: Marijuana, Cocaine, Amphetamines, Opioids and Phencyclidine (PCP). Further, any applicant who is found to have tested positive on any required drug or alcohol test at a former employer will be considered ineligible for employment with Frontier.

Expected salary: $127280 – 159100 per year

Location: Denver, CO

Job date: Sat, 09 Mar 2024 23:20:08 GMT

Apply for the job now!

Leave a Comment

Related Posts

Scroll to Top