IT and Security Operations Manager

An IT and Security Operations Manager at Civis oversees IT operations and security compliance, manages a dedicated team, and drives initiatives such as achieving FedRAMP authorization. This role involves mentoring team members, ensuring efficient IT infrastructure, and conducting compliance assessments to uphold our security standards.

Civis prefers candidates with over 5 years of relevant experience in IT or security, especially those who have managed security frameworks like FedRAMP or SOC2. A strong technical understanding of IT tools and excellent communication skills are also essential for effectively addressing both technical tasks and team management.

To excel as an IT and Security Operations Manager at Civis, emphasize your leadership skills, stay informed of IT security trends, and demonstrate a strategic mindset paired with hands-on program management experience. Familiarity with compliance requirements and a collaborative spirit will also be beneficial in fostering team growth.

The primary responsibilities include managing team members, overseeing IT infrastructure, conducting compliance assessments, and leading security initiatives. You’ll also ensure the internal systems are secure and efficient while being a key player in managing vendor relationships to find cost-effective solutions.

As an IT and Security Operations Manager at Civis, you can expect a fully remote work environment that encourages collaboration and innovation. We celebrate diversity and promote flexible work practices that empower you to make meaningful contributions while being part of a tech startup with a solid mission.

In this role, you will work with critical IT systems such as Okta, GSuite, Slack, and Kandji. A strong understanding of these tools will help streamline operations and maintain efficient workflows for your team.

At Civis, we offer numerous growth opportunities for an IT and Security Operations Manager. With our focus on internal promotion and personal development, you will have the chance to lead key initiatives while being encouraged to explore innovative security solutions that can elevate our operational efficiency.

Discuss specific examples of successfully managing IT operations remotely, highlighting your adaptability and communication skills. Illustrate how you ensured team collaboration and maintained productivity while working from different locations.

Explain your mentoring approach by mentioning specific strategies to foster team member growth and empower employees. You can include setting clear performance expectations, providing constructive feedback, and encouraging continuous learning.

Share your detailed experience with compliance frameworks, focusing on your past achievements in obtaining or maintaining certifications. Offer insights into the assessment processes and any specific metrics you tracked to measure compliance effectiveness.

Outline your vendor management strategies, emphasizing relationship building, negotiation skills, and collaboration. Describe methods you use to assess vendor performance and how you ensure they meet the organization's security and compliance standards.

Share the various resources and communities you engage with, such as industry publications, webinars, and professional groups. Specific examples of how you have applied new trends to improve operations or security protocols would highlight your proactive nature.

Provide a comprehensive narrative of your actions during the security incident. Focus on your immediate response, coordination with stakeholders, measures taken for remediation, and key learnings from the incident that strengthened future security practices.

Discuss your method for balancing multiple IT projects, emphasizing the importance of aligning them with business goals and compliance requirements. Mention specific criteria you use for prioritizing tasks and making informed decisions.

Exemplify how communication shapes your management style by describing instances when you effectively articulated technical concepts to non-technical audiences. Mention techniques used to enhance team discussions and nurture a collaborative culture.

Articulate your approach to securing cloud environments, detailing specific practices such as implementing best security measures, conducting regular audits, and monitoring systems for vulnerabilities. Explain your proactive nature in security enforcement.

Discuss qualitative and quantitative methods you utilize to evaluate the performance of IT operations and security. Mention relevant metrics and how they inform you about areas needing improvement or investment.