WHO IS WESTERN ASSETWestern Asset Management focuses on supporting our clients’ financial goals and creating positive outcomes for all kinds of people. Primarily a globally integrated fixed-income manager, we source ideas and investment solutions worldwide, with an emphasis on long-term fundamental value investing, using multiple diversified strategies.Western Asset’s information security program employs a holistic approach to managing the information security risks to the firm. We are seeking Manager of IT Cyber Security to be a part of our mature Cybersecurity Operations function. The Manager of IT Cyber Security is responsible for day-to-day operations, prioritization of work and leads the implementation of new cybersecurity technologies and processes, taking a best practice and risk-based approach to protect the company, our clients and employees. The Manager works closely with other infrastructure and operations functions to ensure security remains built-in to all areas of technology while leveraging industry leading tools, performing threat hunting and automation tasks to detect and respond to evolving threats. Solves complex technical challenges and safe-guards the firm’s information system assets & data.What you will do:Management of staff. Leads, influences and mentors a team of engineering and analystsManages 24/7 SOC team and resources. Manages on-call schedule and incident escalationsOwns and support cyber toolset and functions including:Proactive monitoring and reporting for endpoint and system health including, patching, compliance, and other performance metrics. Coordinates vulnerability remediationEndpoint Detection & Response (EDR/XDR), automation (SOAR), anomaly detection and SIEM tools. SIEM/Log Correlation & Alerting, Insider Threat Detection, CSPM, Threat Intelligence / Partnerships with Industry Orgs (FS-ISAC), SOC Operations, DevSecOps (CI/CD), Penetration Testing (Red/Blue Team)Secure DevOps, SDLC & Development Standards, Secure Coding, Application Vulnerability Analysis, Change Control / Integrity Monitoring, Web Application Firewalls, API Security, Third Party / Open-Source Supply Chain SecurityNetwork security technologies including Firewalls, Application Security (SAST/DAST/SCA), Intrusion Detection, Identity Management, Data Classification/Protection, Anti Malware/NGAV, Web Proxy, Endpoint Management/Patching, DDoS Protection, Encryption/PKI, proxyDLP, WAF, messaging security products. IR and Forensics toolsIdentity and Access Management; SSO/Federation (SAML, OAuth, OpenID Connect), LDAP/Active Directory/SCIM, Multi Factor Authentication, RBAC Principles, IaaS/PaaS/SaaS Identity Integration, Privileged Access Management, Device Posturing / Certificate Based-AuthenticationImplements new security technologies, Incident response plan maintenance and testing through tabletop exercises.Diagnoses and investigates problems. Supports the incident response processProvides effective security guidance to technology teams and to the businessDrafts, reviews, edits information security policies/procedures. Manages security budget and roadmap. Stays current with security legislation and regulatory requirements, including performing gap analyses between guidelines and practiceMonitors third party providers, suppliers, and security partners. Support vendor management program to assess security posture at third partiesWhat you will bring:Bachelor's Degree in Cybersecurity, Computer Science, Information Systems, related field or equivalent training and/or experience7 years’ experience an IT Security focused role, with 5 years in a lead role and ability to mentor staffFamiliar with security controls or concepts related to various security community groups or standards: CISSP Domains, NIST, OSI model, MITRE ATT&ACK frameworksUnderstanding of Cybersecurity Operations models and technologies (cloud, automation, orchestration, analytics, and risk-based approaches). In-depth knowledge of modern security concepts such as common attack vectors, malware, security analytics and threat intelligenceProven experience within Incident Response situations. Knowledge of cybersecurity technology trendsExcellent written and verbal communication skills, and be capable of understanding, documenting, communicating, and presenting technical issues in a non-technical manner to audiences with varying degrees of technical expertiseBe a team player and enjoy collaborating on cross-functional teamsCISSP, CCSP, or other relevant industry security-focused certifications preferredExpected base salary for the role will generally be between $163,250 and $205,000 per year at the commencement of employment. However, base salary if hired will be determined on an individualized basis and is only part of the total compensation package, which, depending on the position, may also include other forms of compensation such as, discretionary bonuses, short and long-term incentive packages, and Company-sponsored benefit programs.About Western AssetAt Western Asset we’re saying hello to the future. Committed to being the leading fixed-income investment management firm in the world, we’re investing in new technologies, methodologies and markets. We’re also investing in our people. Our business is guided by a belief in doing the right thing: that if we treat our clients and colleagues with fairness and respect, success will follow. We’re building on our reputation and resources with an entrepreneurial approach that drives innovation. Every day is an opportunity for us to get better by making the most of the possibilities that our people and ideas can bring.Our Commitment to DiversityWe believe a diverse and cohesive workforce promotes the formation of different ideas and viewpoints, enhances independent thinking, and helps create a work environment where the best ideas are identified and implemented. We are committed to unlocking the power of diversity through an inclusive environment that affords everyone the opportunity to develop individually, advance professionally and participate fully in the Firm’s success.EQUAL EMPLOYMENT OPPORTUNITY ("EEO")Western Asset Management is an Equal Opportunity/AffirmativeAction Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, citizenship, age, marital status, medical condition (including pregnancy and related conditions), physical or mental disability, protected veteran status, and/or any other characteristic protected by law.Link to Equal Employment Opportunity StatementLink to Pay Transparency NoticeLink to Equal Employment Opportunity PosterLink to Equal Employment Opportunity Poster SupplementLink to Vietnam Era Veterans Readjustment Assistance ActJoin our talent poolWe’re always on the look-out for creative, curious, collaborative, and entrepreneurial individuals. Even if you don’t see any current opportunities that match your skills, we’d still like to hear from you. Sign up for our Talent Pool and we’ll get in touch when something suitable comes up.Register today and build your own searchable profile ready for our hiring managers to view. All you need is a few basic details and an up-to-date copy of your resume ready to upload. We support .rtf, .docx, .doc, .txt and .pdf files, provided they are smaller than 2MB.SummaryLocation: Pasadena, California, United States of AmericaType: Full time