Summary

As a Senior Client Manager (Sr. CM) you'll be responsible for selling Optiv security services and security technology solutions to a select few strategic accounts within the San Francisco Bay Area. You'll also be responsible for owning and coordinating all aspects of the sales cycle within your assigned accounts, and leading a cross-functional team to build and execute a multi-year strategic account management plan for your top accounts. Members of this cross-functional team will typically include a Solutions Architect, Client Operations Specialist, and an Executive Advisory Director and services practices personnel as appropriate for your accounts.

Development of a multi-year strategic account management plan for your top accounts is a core and critical responsibility for the Sr. CM. You'll identify and understand your client's core business objectives and how they correlate to mitigating business and cybersecurity risk. An overarching goal is to establish a trusted relationship with the client that results in Optiv being their primary security solution partner and provider.

• Build trusted, effective and productive relationships with client executives at multiple levels within assigned accounts.
• Lead creation of multi-year strategic account management plans for top accounts, based upon identified client business, technology and security goals, coupled with Optiv's understanding of security trends, threats and points of view for each assigned account.
• Build a large sales pipeline, ideally 4 times assigned targets, within assigned accounts and achieve/exceed gross margin target in excess of $2M annually.
• Manage current and multi-quarter forecasts with a high-degree of accuracy, currency and integrity.
• Execute with discipline and in alignment with Force Management principles including MEDDICC and Command of the Message, among others.
• Effectively communicate Optiv’s value proposition as it relates to security services and technologies expertise and capabilities.
• Build strong, collaborative and productive relationships with technology partners and their respective sales personnel to both gain and share leads in support of building qualified pipeline and maximizing mutually beneficial sales opportunities.
• Initiate and / or monitor and mediate all necessary communications between clients, technology partners and members of the extended Optiv team (technical, sales, client operations, etc.) within each assigned account.
• Maintain collaborative and effective internal communications with Optiv team members relative to specific opportunities, associated requirements and client satisfaction.

Required Qualifications

• Minimum 5-7 years of experience as an individual contributor selling Cybersecurity Solutions and Services in the San Francisco Bay Area.

Preferred Qualifications

• Strong, established relationships with Key Accounts and OEM partners in local territory.
• Proven ability to build and execute territory and account prospecting and expansion plans with a track record of exceeding assigned quotas.
• Experience engaging cross-functional resources such as sales, pre-sales technical support, and other support personnel in an effective fashion.
• Demonstrated ability to build productive business relationships with key executives and sponsors within assigned accounts.
• Effective presentation, verbal and written communication skills.
• Negotiation experience.
• History of demonstrated achievement exceeding plan and expectations.

• #LI-CH1

• Salary Range Description

  $97,800.00 - $128,000.00 Annual

  The Hiring Range provided for this role is informed by (but not limited to) various factors including responsibilities of the position, work experience, education/training, internal peer equity, geography, as well as other market influences when extending an offer. The disclosed range has not been adjusted for these factors. This role may also be eligible to participate in a variable incentive-based bonus plan. Optiv offers a comprehensive compensation and benefits package, of which salary is a component.

• What you can expect from Optiv

• A company committed to championing Diversity, Equality, and Inclusion through our Employee Resource Groups.

• Work/life balance

• Professional training resources

• Creative problem-solving and the ability to tackle unique, complex projects

• Volunteer Opportunities. 'Optiv Chips In' encourages employees to volunteer and engage with their teams and communities.

• The ability and technology necessary to productively work remotely/from home (where applicable)

• EEO Statement

  Optiv is an equal opportunity employer. All qualified applicants for employment will be considered without regard to race, color, religion, sex, gender identity, sexual orientation, national origin, status as an individual with a disability, veteran status, or any other basis protected by federal, state, or local law.

  Optiv respects your privacy. By providing your information through this page or applying for a job at Optiv, you acknowledge that Optiv will collect, use, and process your information, which may include personal information and sensitive personal information, in connection with Optiv’s selection and recruitment activities. For additional details on how Optiv uses and protects your personal information in the application process, click here to view our Applicant Privacy Notice. If you sign up to receive notifications of job postings, you may unsubscribe at any time.

Summary of This Role

Designs applications of advanced complexity which address business functionality and performance needs, while ensuring that maximum security is applied. Incorporates both in-house and externally acquired solutions. Considered a subject matter expertise in relation to security architecture and liaises with other areas of IT in the dissemination of this information to counter threats and internal and external vulnerabilities. Applies experience in topics such as enterprise software, software and hardware configurations, authentication, authorizations, detection and countering errant codes and scripts and related matters.

Company Overview

Every day, Global Payments makes it possible for millions of people to move money between buyers and sellers using our payments solutions for credit, debit, prepaid and merchant services. Our worldwide team helps over 3 million companies, more than 1,300 financial institutions and over 600 million cardholders grow with confidence and achieve amazing results. We are driven by our passion for success and we are proud to deliver best-in-class payment technology and software solutions. Join our dynamic team and make your mark on the payments technology landscape of tomorrow.

• Applies application development understanding and includes security controls within the application pipeline for moderately complex projects. Verifies controls are adhered to.
• Reviews security architecture designs independently utilizing a strong understanding of network architecture to include recommendations drafting.
• Utilizes a strong understanding of the appropriate settings for premise or cloud-based security platforms in order to build guides for the standard implementation of a given platform.
• Interprets vulnerability scanning from DAST and SAST and/or penetration test results to eliminate false positives while identifying appropriate mitigation for true issues.
• Communicates InfoSec Architectural and Application Security policies, standards, and guidelines in documentation for consumption by both IT and non-IT resources.
• Utilizes a high level of industry understanding of implications of new threats and their applicability to the company, as well as options to reduce/eliminate new risk.
• Build relationships with developers, stakeholders, and scrum masters to incorporate security principles into engineering design and deployments.
• Perform testing and validation in application security controls across projects.
• Oversee implementation of defensive practices and countermeasures across infrastructure and applications.
• Draft and uphold CI/CD security strategy and practices in tandem with other technical team leads.
• Support the ability to “shift left” and incorporate security early on and throughout the development lifecycle.
• Identify vulnerabilities in code through automated and manual assessments, and promote quick remediation.
• Communicate vulnerability results in a manner understood by technical and non-technical business units based on risk tolerance and threat to the business, and gain support through influential messaging.

Minimum Qualifications

• Bachelor's Degree
• Relevant Experience or Degree in: Information Security or Computer Science
• Typically Minimum 4 Years Relevant Exp
• Prior experience must be as an Information Security Analyst, or related role. Strong understanding of regulatory audit requirements and developing the appropriate solutions to address findings. Degree strongly preferred; however, additional 4 years related experience may be considered in lieu of a degree.
• One or more of the following (or similar) - eWPTX, OSWE, CISSP, CEH, CISA, CISM, PCI-QSA, PA-QSA, PCIP, CRISC, Security +, CGEIT, CCSP
• Understanding of OWASP, CVSS, the MITRE ATT&CK framework and the software development lifecycle (SLDC).

Preferred Qualifications

• Typically Minimum 6 Years Relevant Exp
• Prior experience must be as an Information Security Analyst, Security focused Network Admin/Engineer or Systems Admin/Engineer. Understanding of regulatory requirements and solutions design to meet said requirements.
• Preferably some experience with operations and security across Amazon Web Services (AWS), Microsoft Azure or Google Cloud Platform (GCP).

What Are Our Desired Skills and Capabilities?

• Skills / Knowledge - A seasoned, experienced professional with a full understanding of area of specialization; resolves a wide range of issues in creative ways. This job is the fully qualified, career-oriented, journey-level position.
• Job Complexity - Works on problems of diverse scope where analysis of data requires evaluation of identifiable factors. Demonstrates good judgment in selecting methods and techniques for obtaining solutions. Networks with senior internal and external personnel in own area of expertise.
• Supervision - Normally receives little instruction on day-to-day work, general instructions on new assignments.
• Network Engineering/Architecture - Maintains an understanding of TCP/IP network connectivity, subnet segmentation, security zones, secure ports/protocols, network authentication/authorization, security tools and their applicability (WAF, IPS, Sandbox, etc.).
• Systems Engineering/Architecture - Maintains an understanding of Operating system infrastructure, including Windows, Linux, containers, container orchestration, and Virtual Machines. Must understand system authentication options, user rights within systems, user authentication/authorization, least privilege, Group Policy, Automation tooling (Puppet, chef, ansible) and local security agents/tools (Anti-Virus, Whitelisting, forensics, firewall, etc.)
• Encryption/Cryptography - Understands the use of digital certificates, root certificate trust, and how to encrypt/decrypt network traffic. Recognizes data that must be encrypted at rest, and how to assure encryption key processes meet policy and regulatory requirements.

Global Payments Inc. is an equal opportunity employer. Global Payments provides equal employment opportunities to all employees and applicants for employment without regard to race, color, religion, sex (including pregnancy), national origin, ancestry, age, marital status, sexual orientation, gender identity or expression, disability, veteran status, genetic information, or any other basis protected by law. If you wish to request reasonable accommodations related to applying for employment or provide feedback about the accessibility of this website, please contact jobs@globalpay.com.

As a Penetration Tester specialized in Red Teaming, joining our team means you will play a pivotal role in ensuring our customers' networks and underlying data is secure. Your expertise will enhance the support we provide to a wide variety of entities, including commercial enterprises and government organizations. Join us and be at the forefront of securing the data our customers rely on, while enjoying a dynamic and collaborative work culture that values innovation, growth, and teamwork.

This position operates with minimal government lead supervision supporting the Department of Defense (Navy). Our company also does commercial work outside of the DoD which occasional pull teams members based on interest and skillsets.

• Experience in participating in multi week red team security assessments or continuous operations
• Design and execute complex adversary simulations using cloud infrastructure, redirectors, and social engineering techniques. Identify and deploy attack vectors, including phishing campaigns and multi-stage attacks, leveraging cloud-based resources and redirectors to emulate real-world threat actors and evaluate the organization's defense mechanisms and/or capture security metrics
• Performs vulnerability analysis and exploitation of applications, operating systems or networks with a focus in building attack chains that have direct business impact
• Conduct in-depth analysis to identify and evaluate vulnerabilities and weaknesses within company systems
• Devises tests and scenarios for various penetration tests and Red Team activities. These will be tailored to whichever client is being supported on engagements and focus on most likely adversary TTPs, crown jewels, and potential security gaps in the client’s defense
• Documents results and communicates them to engineers and management
• Provides recommendations for new technologies and system designs according to test results
• Develops automated testing programs where possible
• Utilizes Red and Purple team assessment methodologies and adds to the methodologies as appropriate
• This position could require significant travel to client sites

Required Qualifications:

• Bachelor’s degree in related field or 5+ years of relevant experience in information technology or cybersecurity.
• Deep understanding of network protocols, configurations, security technologies, and security practices, including network security, operating system hardening, database security, and web application security for both local (on-premises) and cloud computing solutions.
• Deep understanding of common vulnerabilities and attack vectors, including experience identifying and exploiting vulnerabilities in operating systems (e.g., Windows, Linux, and macOS), network devices (e.g., firewalls, routers, and switches) and web applications and application program interfaces (e.g., SQL injection, cross-site scripting and cross-site request forgery).
• Leverage commercial and open-source tools for scanning and security testing (e.g., Nmap, Nessus, Kali Linux, Cobalt Strike, Virtualization, Burp Suite, etc.)
• Active DoD 8570 IAT Level I or greater and at least one of the following certifications in good standing: OSWA, GWAPT, GXPN, GPEN, OSCP, OSWA, OSWE
• Active DoD Top Secret clearance

Preferred Qualifications:

• Non attributional infrastructure deployment and automation
• Knowledge of MITRE ATT&CK or D3FEND frameworks
• 2+ years of recent and direct experience with Red Team security operations
• 4+ years of recent and direct experience with penetration testing and vulnerability assessments
• Comfortable using Scripting Languages preferred (must be able to read/modify scripts in Python, Ruby, Lua/NSE, PowerShell scripting languages)
• Experience emulating specific ATPs
• Full spectrum red teaming experience a plus
• Red team knowledge management and mentorship a plus

All qualified applicants will receive consideration for employment without regard to race, color, sex, sexual orientation, gender identity, religion, national origin, disability, veteran status, age, marital status, pregnancy, genetic information, or other legally protected status