SelectQuote Inc
Manager IT Security
SelectQuote Inc, Overland Park, Kansas, United States, 66213
Company Overview
More than 35 years ago, SelectQuote was founded on one core promise: to help our customers protect the people they value most.
We pioneered the way consumers shopped for term life insurance, and now, we also help people find home insurance, auto insurance, senior health insurance and more. Our quick and easy process saves consumers both time and money, and today, more than 2 million families trust us to help them with their insurance needs.But what truly sets us apart is our people, and the opportunities to grow your career with SelectQuote are unmatched.
About the RoleThe Manager of IT Security is responsible for overseeing the day-to-day tactical operations of the IT Security team ensuring the enterprise-wide security posture is robust and resilient. The team under your leadership will manage and enhance Identity and Access Management (IAM) systems, Vulnerability Management, Endpoint Detection and Response (EDR), and Security Information and Event Management (SIEM) configurations. You will collaborate closely with the Manager of 24x7 SOC Operations to ensure integrated and cohesive security operations across the organization.Supervisory Responsibilities:This position has direct supervisory responsibilities.Essential Duties and Responsibilities:Lead, mentor, and manage a team of IT security professionals including analysts and engineers.Set performance goals, conduct regular evaluations, and provide professional development opportunities for team members.Oversee day-to-day security operations ensuring efficient task allocation, prioritization, and effective management of incident and service request tickets.Actively participate in the software review process assessing the security implications of new and existing software and collaborating with cross-functional teams to ensure compliance with security standards before deployment.Oversee the design, implementation, and management of IAM systems ensuring secure access controls across the organization.Ensure adherence to least privilege principles and regularly review access permissions.Manage the identification, assessment, and remediation of vulnerabilities across all IT assets.Oversee the deployment and management of vulnerability scanning tools and ensure timely patching and remediation efforts.Regularly update and maintain the security risk register ensuring that identified vulnerabilities, associated risks, and mitigation actions are accurately documented and addressed according to their severity and impact providing a comprehensive view of the organization's security posture.Oversee the deployment, configuration, and management of EDR solutions to ensure continuous monitoring and protection of endpoints.Lead the development and refinement of EDR policies and procedures.Oversee the configuration, tuning, and management of SIEM systems to ensure effective monitoring, alerting, and incident response.Collaborate with SOC and IT Operations to optimize log collection, correlation, and incident detection.Work with the SOC team to manage security incidents ensuring timely and effective response and remediation.Lead post-incident analysis and develop action plans to prevent future incidents.Ensure that all security operations and systems are compliant with relevant industry standards and regulations.Participate in internal and external security audits providing necessary documentation and reports.Work closely with the Manager of 24x7 SOC Operations and other IT leadership to ensure alignment on security initiatives and incident response.Communicate security risks, incidents, and mitigation strategies to senior management and other stakeholders.Foster a culture of security across the organization by promoting awareness, training, and best practices ensuring that security is integrated into all business processes and decisions.Skills/Abilities:Strong knowledge of IT security principles, frameworks, and best practices.Hands-on experience with security technologies including IAM, EDR, SIEM, and vulnerability management tools.Excellent leadership and team management skills with the ability to mentor and develop staff.Strong problem-solving skills and the ability to make critical decisions under pressure.Exceptional communication skills with the ability to convey complex security concepts to both technical and non-technical audiences.Ability to work collaboratively across teams and manage multiple projects simultaneously.Education and Experience:Bachelor’s degree in Information Security, Computer Science, or a related field; a Master’s degree is preferred.A minimum of 7+ years of progressive experience in IT security with at least 3 years in a managerial or leadership role overseeing complex security operations.Demonstrated expertise in managing and optimizing IAM systems, Vulnerability Management programs, EDR solutions, and SIEM configurations.Strong experience in leading security initiatives in hybrid environments including on-premises, cloud (AWS, Azure, GCP), and manufacturing environments.Proven track record of successfully collaborating with cross-functional teams and driving a culture of security throughout the organization.Experience managing IT security in hybrid on-premises and multi-cloud environments minimally: AWS, Azure, and GCP.Expertise in advanced threat detection and response strategies.Experience with regulatory compliance frameworks such as SOX, HIPAA, or HITrust.Certificates/Licenses/Registration:Professional certifications are highly valued and may include:
Certified Information Systems Security Professional (CISSP)Certified Information Security Manager (CISM)Certified Cloud Security Professional (CCSP)Certified Information Systems Auditor (CISA)GIAC Security Expert (GSE) or other relevant GIAC certifications.AWS Certified Security – Specialty, Microsoft Certified: Azure Security Engineer Associate, or similar cloud-specific certifications.
Additional certifications in areas such as Risk Management (CRISC), Ethical Hacking (CEH, OSCP), or Industrial Control System Security (ISA/IEC 62443) are highly desirable.Physical Requirements:Work is performed indoors with potential for exposure to safety and health hazards related to office work. Could periodically travel to other office and operational sites. The noise level in the work environment is usually moderate.Prolonged periods of sitting at a desk and working on a computer.SelectQuote Core Values:S ervice: We create positive customer experiences.E ntrepreneurship: We create innovate & take risks.L eadership: We build & invest in high-performing teams.E mpowerment: We embrace a changing environment.C ourage: We challenge the status quo & drive continuous improvement.T eamwork: We help support & celebrate each other.Disclaimer:
The above statements are intended to describe the general nature and level of work being performed by people assigned to this job. They are not intended to be construed as an exhaustive list of all responsibilities, duties, and skills required.
#J-18808-Ljbffr
More than 35 years ago, SelectQuote was founded on one core promise: to help our customers protect the people they value most.
We pioneered the way consumers shopped for term life insurance, and now, we also help people find home insurance, auto insurance, senior health insurance and more. Our quick and easy process saves consumers both time and money, and today, more than 2 million families trust us to help them with their insurance needs.But what truly sets us apart is our people, and the opportunities to grow your career with SelectQuote are unmatched.
About the RoleThe Manager of IT Security is responsible for overseeing the day-to-day tactical operations of the IT Security team ensuring the enterprise-wide security posture is robust and resilient. The team under your leadership will manage and enhance Identity and Access Management (IAM) systems, Vulnerability Management, Endpoint Detection and Response (EDR), and Security Information and Event Management (SIEM) configurations. You will collaborate closely with the Manager of 24x7 SOC Operations to ensure integrated and cohesive security operations across the organization.Supervisory Responsibilities:This position has direct supervisory responsibilities.Essential Duties and Responsibilities:Lead, mentor, and manage a team of IT security professionals including analysts and engineers.Set performance goals, conduct regular evaluations, and provide professional development opportunities for team members.Oversee day-to-day security operations ensuring efficient task allocation, prioritization, and effective management of incident and service request tickets.Actively participate in the software review process assessing the security implications of new and existing software and collaborating with cross-functional teams to ensure compliance with security standards before deployment.Oversee the design, implementation, and management of IAM systems ensuring secure access controls across the organization.Ensure adherence to least privilege principles and regularly review access permissions.Manage the identification, assessment, and remediation of vulnerabilities across all IT assets.Oversee the deployment and management of vulnerability scanning tools and ensure timely patching and remediation efforts.Regularly update and maintain the security risk register ensuring that identified vulnerabilities, associated risks, and mitigation actions are accurately documented and addressed according to their severity and impact providing a comprehensive view of the organization's security posture.Oversee the deployment, configuration, and management of EDR solutions to ensure continuous monitoring and protection of endpoints.Lead the development and refinement of EDR policies and procedures.Oversee the configuration, tuning, and management of SIEM systems to ensure effective monitoring, alerting, and incident response.Collaborate with SOC and IT Operations to optimize log collection, correlation, and incident detection.Work with the SOC team to manage security incidents ensuring timely and effective response and remediation.Lead post-incident analysis and develop action plans to prevent future incidents.Ensure that all security operations and systems are compliant with relevant industry standards and regulations.Participate in internal and external security audits providing necessary documentation and reports.Work closely with the Manager of 24x7 SOC Operations and other IT leadership to ensure alignment on security initiatives and incident response.Communicate security risks, incidents, and mitigation strategies to senior management and other stakeholders.Foster a culture of security across the organization by promoting awareness, training, and best practices ensuring that security is integrated into all business processes and decisions.Skills/Abilities:Strong knowledge of IT security principles, frameworks, and best practices.Hands-on experience with security technologies including IAM, EDR, SIEM, and vulnerability management tools.Excellent leadership and team management skills with the ability to mentor and develop staff.Strong problem-solving skills and the ability to make critical decisions under pressure.Exceptional communication skills with the ability to convey complex security concepts to both technical and non-technical audiences.Ability to work collaboratively across teams and manage multiple projects simultaneously.Education and Experience:Bachelor’s degree in Information Security, Computer Science, or a related field; a Master’s degree is preferred.A minimum of 7+ years of progressive experience in IT security with at least 3 years in a managerial or leadership role overseeing complex security operations.Demonstrated expertise in managing and optimizing IAM systems, Vulnerability Management programs, EDR solutions, and SIEM configurations.Strong experience in leading security initiatives in hybrid environments including on-premises, cloud (AWS, Azure, GCP), and manufacturing environments.Proven track record of successfully collaborating with cross-functional teams and driving a culture of security throughout the organization.Experience managing IT security in hybrid on-premises and multi-cloud environments minimally: AWS, Azure, and GCP.Expertise in advanced threat detection and response strategies.Experience with regulatory compliance frameworks such as SOX, HIPAA, or HITrust.Certificates/Licenses/Registration:Professional certifications are highly valued and may include:
Certified Information Systems Security Professional (CISSP)Certified Information Security Manager (CISM)Certified Cloud Security Professional (CCSP)Certified Information Systems Auditor (CISA)GIAC Security Expert (GSE) or other relevant GIAC certifications.AWS Certified Security – Specialty, Microsoft Certified: Azure Security Engineer Associate, or similar cloud-specific certifications.
Additional certifications in areas such as Risk Management (CRISC), Ethical Hacking (CEH, OSCP), or Industrial Control System Security (ISA/IEC 62443) are highly desirable.Physical Requirements:Work is performed indoors with potential for exposure to safety and health hazards related to office work. Could periodically travel to other office and operational sites. The noise level in the work environment is usually moderate.Prolonged periods of sitting at a desk and working on a computer.SelectQuote Core Values:S ervice: We create positive customer experiences.E ntrepreneurship: We create innovate & take risks.L eadership: We build & invest in high-performing teams.E mpowerment: We embrace a changing environment.C ourage: We challenge the status quo & drive continuous improvement.T eamwork: We help support & celebrate each other.Disclaimer:
The above statements are intended to describe the general nature and level of work being performed by people assigned to this job. They are not intended to be construed as an exhaustive list of all responsibilities, duties, and skills required.
#J-18808-Ljbffr