Manager, Cyber Security

Full Time
San Antonio, TX
Areas of Interest: Incident Response, Vulnerability Assessment and Management
report a problem

Redefining the Way the World Consumes Cloud Computing
Join a community that is building the foundation for tomorrow today.

Overview & Responsibilities

  • Manage operations in deterring, identifying, monitoring, investigating, and analyzing computer network intrusions. Ensure events are properly identified, analyzed, and escalated to incidents.
  • Lead hunt activities for anomalous activity and indicators of compromise using various intelligence feeds and toolsets.
  • Serve as the technical escalation point and mentor for lower-level analysts.
  • Participate in the response, investigation, and resolution of security incidents.
  • Provide communication throughout an incident per the ISOC Standard Operating Procedures.
  • Communicate directly with end users and asset owners.
  • Maintain a strong awareness of the current threat landscape.
  • Create knowledge base articles for handling medium and high severity incidents.
  • Assist in the advancement of security policies, procedures, and automation.
  • Create custom network based signatures to improve defensive posture within NIDS and SIEM.
  • Utilize malware analysis techniques (advanced and static analysis) to identify and assess malicious software. Perform computer and network forensic analysis.
  • Develop incident response reporting and policy updates as needed.

Day to day responsibilities:

  • Manage analysts within operations to ensure events and incidents are responded to per standard operating procedures.
  • Serve as escalation point for events and incidents.
  • Documents and conforms to processes related to security monitoring.
  • Provide performance metrics as necessary.
  • Provide training, mentorship and career growth planning and guidance to analysts.

Background and experience:

  • Advanced knowledge and understanding of network protocols and devices.
  • Highly proficient in intrusion analysis and incident response.
  • Advanced experience with Mac OS, Windows, and Unix systems.
  • Demonstrable problem solving, analytical skills and attention to detail.
  • Strong verbal and written communication skills.
  • Ability to handle high-pressure situations in a productive and professional manner.
  • Document and conform to processes related to security monitoring.
  • Provide incident investigation, handling, and response to include incident documentation.
  • Intermediate experience with evidence seizure, computer forensic analysis, and data recovery.
  • Strong time management, skills with the ability to multitask.
  • Ability to work a flexible work schedule, including weekends.
  • Understanding and/or experience with one or more of the following programming languages: .NET, PHP, Perl, Python, Java, Ruby, C, C++.
  • General knowledge and experience and expertise with ethical hacking, firewall and intrusion detection/prevention technologies, secure coding practices, and threat modeling.

Advanced knowledge of the following:

  • SIEM
  • Packet Analysis
  • SSL Decryption
  • Malware Detection
  • Network Monitoring Tools
  • Case Management System
  • Knowledge Base
  • Web Security Gateway
  • Email Security
  • Data Loss Prevention
  • Anti-Virus
  • Network Access Control
  • Encryption
  • Vulnerability Identification

Required experience and education:

  • Bachelor’s degree in Computer Science or equivalent combination of education and experience required.
  • 3+ years of experience in a security operations center (SOC) environment required.
  • GCIA, GCIH required. GCFE, CISSP, Security +, Network +, CEH, RHCA, RHCE, MSA, MCP, or MCSE preferred.
  • Experience with SIEM (i.e. Arcsight, QRadar) Sourcefire, FireEye, Snort or an equivalent tool required.
  • 3+ years of experience with reviewing raw log files, data correlation, and analysis (ie. System logs, netflow, firewall, IDS) required.
  • Experience creating Snort signatures required.
Stay in Touch!

Don’t see anything that fits your strengths or skills? 
Sign-up to be a part of our ‘Talent Community’ and receive information about jobs you’re interested in when they become available.
Equal Employment Opportunity Policy: Rackspace is committed to offering equal employment opportunity without regard to age, color, disability, gender, gender identity, genetic information, marital status, military status, national origin, race, religion, sexual orientation, veteran status, or any other legally protected characteristic. 

The above information has been designed to indicate the general nature and level of work performed by employees in this classification. It is not designed to contain or to be interpreted as a comprehensive inventory of all duties, responsibilities, and qualifications required of the employee assigned to this job.

Share this job:


The #1 managed cloud company
Rackspace, the #1 managed cloud company, helps businesses tap the power of cloud computing without the challenge and expense of managing complex IT infrastructure and application platforms on their own. Rackspace engineers deliver specialized expertise on top of leading technologies developed by OpenStack, Microsoft, VMware and others, through a results-obsessed service known as Fanatical Support®. We have more than 300,000 customers worldwide, including two-thirds of the FORTUNE 100. Rackspace was named a leader in the 2015 Gartner Magic Quadrant for Cloud-Enabled Managed Hosting, and has been honored as one of Fortune’s Best Companies to Work For in six of the past eight years.
Hybrid Hosting, Cloud Hosting, E-Mail Hosting, Dedicated Managed Hosting, IT Services, Platform Hosting, VPN's, Network Security, SharePoint, and various other IT services, Managed Cloud
Visit Rackspace's Social Media pages:
Company Industry: Information Technology and Services
Company Type: Public Company
Company Size: 5,001-10,000