Senior Manager, IT Security

Kaseya® is the leading provider of complete IT infrastructure and security management solutions for Managed Service Providers (MSPs) and internal IT organizations worldwide powered by AI. Kaseya’s best-in-breed technologies allow organizations to efficiently manage and secure IT to drive sustained business success. Kaseya has achieved sustained, strong double-digit growth over the past several years and is backed by Insight Venture Partners www.insightpartners.com), a leading global private equity firm investing in high-growth technology and software companies that drive transformative change in the industries they serve.

Founded in 2000, Kaseya currently serves customers in over 20 countries across a wide variety of industries and manages over 15 million endpoints worldwide. To learn more about our company and our award-winning solutions, go to www.Kaseya.com and for more information on Kaseya’s culture.

Kaseya is not your typical company. We are not afraid to tell you exactly who we are and our expectations. The thousands of people that succeed at Kaseya are prepared to go above and beyond for the betterment of our customers.

Job Summary

We are seeking an experienced and strategic Senior Manager of IT Security to lead our IT security initiatives. The Senior Manager will be responsible for developing and implementing comprehensive IT security strategies, implementing robust measures, performing audits, and leading initiatives to fortify systems and ensuring the protection of our information assets. This role requires a deep understanding of cybersecurity principles, excellent leadership skills, and the ability to stay ahead of emerging threats. 

Key Responsibilities: 

Security Strategy Development:  

Develop and implement a robust IT security strategy aligned with the organization's goals and objectives. 
Implement system security measures in accordance with established procedures to ensure confidentiality, integrity, availability, authentication, and non-repudiation. 

Security Infrastructure Design and Implementation: 

Design, implement, and maintain security infrastructure, including firewalls, intrusion detection/prevention systems (IDS/IPS), and network access controls. 
Ensure security measures are integrated into the organization's IT architecture. 

Identity and Access Management: 

Assist Identity Engineers in implementation and management of Identity Access Management (IAM) and Privilege Access Management (PAM) solutions to ensure appropriate access controls and elevations. 
Conduct regular access reviews and audits to ensure compliance with security policies. 

Threat and Vulnerability Management: 

Conduct vulnerability assessments to identify security weaknesses in partnership with SecOps. 
Coordinate security patches and updates to mitigate vulnerabilities. 
Mitigate or correct security deficiencies identified during security/certification testing and/or recommend risk acceptance for the appropriate senior leader or authorized representative.  
Perform security reviews, identify gaps in security architecture, implement security measures to resolve vulnerabilities, mitigate risks, help develop a security risk management plan, and recommend security changes to systems as needed.  

Risk Management:  

Identify, assess, and mitigate security risks to protect the organization's End User Technology and Infrastructure assets. 
Verify minimum security requirements are in place for all applications. 

Access Control Management: 

Implement and manage identity and access management (IAM) solutions to ensure appropriate access controls. 
Conduct regular access reviews and audits to ensure compliance with security policies. 

Research and Development: 

Stay current with emerging security threats, technologies, and industry trends. 
Evaluate and recommend new security tools and technologies to enhance the organization's security posture. 

Documentation and Reporting: 

Maintain detailed documentation of security configurations, incidents, and procedures. 
Generate regular security reports for management and stakeholders. 
Properly document all systems security implementation, operations, and maintenance activities and update as necessary.  
Provides cybersecurity recommendations to leadership based on significant threats and vulnerabilities.  
Verify and update security documentation reflecting the application/system security design features. 

Policy and Compliance:  

Develop and enforce IT security policies, standards, and procedures in partnership with GRC and broader Security organization to ensure compliance with regulatory requirements and industry best practices. 

Collaboration and Communication: 

Work closely with IT and business teams to ensure security measures align with organizational goals. 
Communicate security risks and recommendations to stakeholders. 

Team Leadership:  

Lead and mentor the IT security team, providing guidance and support to ensure their professional growth and development. 

Budget Management:  

Develop and manage the IT security budget, ensuring efficient allocation of resources. 

Skills: 

Tools and Technologies: 

Security Information and Event Management (SIEM): Azure Sentinel 
Endpoint Protection: Microsoft Defender for Endpoints. 
Network Security: Palo Alto Networks, Cisco ASA, Fortinet 
Identity and Access Management (IAM): Microsoft Entra ID, CyberArk. 
Vulnerability Management Tools such as Qualys, Rapid7 or similar. 
Encryption Tools such as Bitlocker, PGP or similar. 
Incident Response: FireEye, Carbon Black, Mandiant or similar. 
Cloud Security: AWS Security Hub, Microsoft Azure Security Center, Google Cloud Security or similar. 

Education:  

Bachelor’s degree in Information Security, Computer Science, or a related field. 
Master’s degree in similar field preferred. 

Experience:  

Minimum of 7-10 years of experience in IT security, with at least 3 years in a leadership role. 
Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or equivalent certifications preferred. 

Skills: 

Proven experience in developing and implementing security strategies and policies. 
Strong understanding of cybersecurity principles, technologies, and best practices. 
Strong analytical and problem-solving abilities. 
Excellent leadership and team management skills. 
Ability to work closely with IT and business teams to ensure security measures align with organizational goals. 
Ability to stay current with emerging security threats and technologies. 
Knowledge of business continuity and disaster recovery principles. 

Join the Kaseya growth rocket ship and see how we are #ChangingLives !

Additional information
Kaseya provides equal employment opportunity to all employees and applicants without regard to race, religion, age, ancestry, gender, sex, sexual orientation, national origin, citizenship status, physical or mental disability, veteran status, marital status, or any other characteristic protected by applicable law.