Manager, Global IT Security
Gatineau, Ottawa, Canada
4d ago


Sitecore is the global leader in experience management software that enables context marketing. The Sitecore® Experience Platform™ manages content, supplies contextual intelligence, automates communications, and enables personalized commerce, at scale.

It empowers marketers to deliver content in context of how customers have engaged with their brand, across every channel, in real time before, during, and after a sale.

More than 5,200 brands including American Express, Carnival Cruise Lines, easyJet, and L’Oréal have trusted Sitecore for context marketing to deliver the personalized interactions that delight audiences, build loyalty, and drive revenue.

Sitecore is experiencing spectacular growth all over the world. To build on Sitecore’s success and growth, we’re looking for a skilled Security Operations Manager to work as part of our IT Department.

The position can be based at Sitecore offices in Manchester, NH or Gatineau, Canada

Position Summary

The candidate will be responsible for supporting Sitecore’s IT security operations, the continuous monitoring and risk assessment of the IT corporate environment, and the remediation of assets in the event of audit findings or security events.

The candidate will work with the security / IT team to manage the organization’s security scanning tools, Security Operations Center program, assessment / analysis of the collected data, and the tracking and reporting of suspicious activity.

The successful candidate with have good business judgment, strong technical expertise, strategic thinking and the ability to work independently as well as collaboratively in a collegial, fast-paced team environment.

  • Support the enterprise vulnerability assessment program, which includes scanning of IT assets using commercial vulnerability assessment tools
  • Collaborate with others on global Security Team to perform regular security reviews by conducting assessments of systems, processes and infrastructure and making recommendations to minimize risks identified based on OWASP, PCI and SOC compliance as well as contractual requirements.
  • Manage IT security policies and implement programs for companywide initiatives supporting overall security profile and education.
  • Work with stakeholders to ensure IT policies are effective and followed.
  • Support and manage aspects of the enterprise security event monitoring program which includes management of Security Operations Center program and SIEM solution for corporate assets
  • Work as an active member of the company’s Security Incident Response Team with real time decision making for ongoing information security incidents as they occur
  • Work with auditors and internal stakeholders to remediate and resolve potential security issues in response to internal audits.
  • Act as an internal consultant to IT Infrastructure and Application teams in designing and implementing security solutions.
  • Perform pre-production penetration tests of IT environment

  • Provide guidance and implement security policy and procedures for infrastructure and Application teams
  • Maintain a comprehensive understanding of the company’s threat landscape in order to support the global Security Team in the selection, deployment, and operations of security infrastructure including vulnerability management, WAF, Network Monitoring, DDoS prevention and IPS / IDS.
  • Direct the installation and use of security tools (firewall, data encryption) to protect company data.
  • Collaborate with the Company’s security teams in reviewing system-related information security plans to ensure alignment with security strategies within enterprise, network, product and data governance
  • Qualifications and Education Requirements

  • 8 years relevant security experience
  • Willingness to work as part of a global team
  • Knowledge of DLP and FIM strategy
  • Enterprising and has the ability to make decisions independently
  • Platforms : Office 365, Windows OS, Firewalls, Azure, Business Applications (Netsuite, Workday, Salesforce)
  • Knowledge of Security Tools including : Enterprise grade SIEM (e.g., Sumo Logic, QRadar),Network Vulnerability Assessment Tools (e.
  • g., Qualys, Nessus),Application Security Tools (e.g., Veracode),Data Loss Prevention Tools

  • Okta 2 factor authentication
  • Working knowledge of security standards, including ISO 27001, SOC 2, CSA STAR, Microsoft SDL, BSIMM
  • Awareness of global data protection regulations
  • Preferred Skills

  • An ideal mix of consulting and in-house operations experience
  • Strong communicator, with an ability to sell security
  • Effective problem solver, who has the ability to navigate the distributed organization
  • Ability to make decisions independently
  • Certifications : CISSP, CISM, CIPT or similar strongly preferred.
  • Sitecore is proud to be an equal opportunity workplace. We are committed to equal employment opportunity without unlawful regard to race, color, ancestry, religion, gender, national origin, sexual orientation, age, citizenship, marital status, disability, veteran status or any other local legally protected characteristic.

    Add to favourites
    Remove from favourites
    My Email
    By clicking on "Continue", I give neuvoo consent to process my data and to send me email alerts, as detailed in neuvoo's Privacy Policy . I may withdraw my consent or unsubscribe at any time.
    Application form