Manager, IT Security Threat Operations - Purchase - job 635358

Atlas Air

Date: 02/22/2021

City: Purchase, New York

Employment type: Full-time


This position is responsible for the management of day-to-day IT Security operations including monitoring, vulnerability management, threat and incident management, and security awareness training.


  • This position will be responsible for managing a small internal team of highly skilled Security Analysts and as well as direct oversight of the company's Managed Security Service vendor

  • Develop and oversee the Threat Management and Incident Management functions, including: analysis, triage and escalation of security events, coordination and tracking of response activities, and status reporting to the Director of Information Security and the IT Management Team

  • Oversee all phases of Vulnerability Management including scanning, reporting, and remediation tracking. Work with IT stakeholders and managed service vendors on remediation planning.

  • Develop and mature corporate security programs in the areas of Vulnerability Management, Incident Management, Threat Management, and Security Awareness

  • Act as team leader and mentor, setting team objectives in coordination with the Information Security Director and developing and implementing training plans to develop internal capabilities

  • Security Event Monitoring, SIEM lifecycle management

  • Lead the development, implementation, and tuning of monitoring use cases as needed upon emergence of new applications, threats, and policies.

  • Coordination of maintenance and patching of IT Security Systems

  • Oversee vulnerability remediation activities, coordinate with other departments to plan and track remediation activities

  • Oversee security awareness activities including security awareness training and proactive phishing exercises

  • Lead incident response training exercises including tabletop exercises with stakeholders in the broader organization

  • Participate in projects to evaluate, develop and implement technologies to support security operations

  • Line management of direct reports, including performance management and time off requests

  • Maintain and publish metrics

  • Development and maintenance of process documentation, procedures, and playbooks

  • Continuously identify and spearhead opportunities to improve the efficiency and effectiveness of the IT Security operations team and processes

  • Work with the Director of Information Security and the IT Security Program Manager to identify and define roadmap projects for expansion and maturation of tools and capabilities supporting IT Security Operations functions

  • Provide guidance and education to other groups within the Information Technology function, including Infrastructure Architecture, Application Development, Network Operations, System Operations, and Help Desk.

  • Participate in the industry Cyber Information sharing programs Atlas participates in, including A-ISAC, DHS CISCP, and the DoD Defense Industrial Base

  • Provide off-hours support as required


  • Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or other related fields

  • 7-10 years' experience in Information Security or related field

  • Experience in Security Incident Response is required

  • Experience in Vulnerability Management is required

  • Experience in operating vulnerability scanning tools such as Nessus, Qualys, Nexpose, etc. is required.

  • Understanding of common vulnerabilities and exploits is required

  • Knowledge of the cyber threat landscape including types of adversaries and the motivations that drive them is required.

  • Experience with implementing or operating Security Orchestration, Automation and Response (SOAR) technologies is desired

  • Experience preparing and/or presenting reports and briefings is required.

  • Leadership and communication skills are required

  • Advanced written communication abilities are required

  • Must be able to translate technical security concepts into lay terms

  • Must be comfortable presenting in front of technical and non-technical audiences

  • Ability to effectively work with people in other departments and/or outside of the enterprise is required

  • Ability to communicate situations to all levels including senior management is required

  • Knowledge of the function and operation of SIEM technologies such as ArcSight, Splunk, LogRhythm, etc. is required

  • The ability to obtain and maintain a US Government security clearance is strongly desired

  • SOAR / Automation experience strongly desired

  • Familiarity with the MITRE ATT&CK framework is desired

  • Experience with threat hunting and cyber intelligence is desired

  • CISSP (Certified Information Systems Security Professional) and/or CISM (Certified Information Security Manager) certification desired but not required

The Company is an Equal Opportunity Employer. It is our policy to afford equal employment opportunity to all employees and applicants for employment without regard to race, color, religion, sex, sexual orientation, national origin, citizenship, place of birth, age, disability, protected veteran status, gender identity or any other characteristic or status protected by applicable in accordance with federal, state and local laws.

If you'd like more information about your EEO rights as an applicant under the law, please download the available EEO is the Law document at

To view our Pay Transparency Statement, please click here: Pay Transparency Statement



How to apply:

To apply for this job you have to sign in to our website (My profile link in the header).

If you don't have an account with us yet, please Sign up.

Share you skills and get paid! All from the comfort of your home. Sign up for!