Focus Financial Partners - Senior Manager, Infrastructure Protection Operations

• Team Leadership & Development: Manage and mentor a team of infrastructure security professionals. Oversee staffing, coaching, performance management, and skills development to build a high-performing IPO team, fostering a culture of accountability, continuous improvement, and collaboration. • Team Leadership & Development: • Vulnerability Management Program: Oversee the end-to-end vulnerability management program, including vulnerability scanning, patching, and remediation activities across servers, endpoints, and network devices. Ensure remediation timelines meet defined Service Level Agreements (SLAs) and escalate exceptions or delays to senior leadership. Track and report on vulnerability metrics to drive accountability and risk reduction. • Vulnerability Management Program: • Endpoint Security & Hardening: Ensure robust endpoint security by overseeing the team’s management of antivirus/EDR solutions, device hardening, and security baseline compliance. Confirm that endpoints (workstations, servers, etc.) adhere to secure configuration standards and direct timely remediation of any deviations or endpoint risks. • Endpoint Security & Hardening: • Network & Application Security Operations: Direct the operational management of network and application security controls. Oversee firewall, proxy, and web application firewall (WAF) policy enforcement and tuning in line with established security standards and architecture guidance. Ensure the team effectively monitors and responds to security events related to network, cloud, and application infrastructure, maintaining secure configurations and promptly addressing vulnerabilities or misconfigurations. • Network & Application Security Operations: • Operational Compliance & Audit Readiness: Ensure that infrastructure operations consistently comply with enterprise security policies, baselines, and regulatory requirements. Supervise recurring operational compliance checks and evidence collection for internal and external audits. Proactively address and remediate compliance deviations, maintaining audit readiness and documentation of controls at all times. • Operational Compliance & Audit Readiness: • Secure Build Coordination: Collaborate with Cloud, Systems, Network, and Identity & Access Management (IAM) teams to integrate security requirements into infrastructure builds and changes. Validate that new systems and services are built in accordance with secure-by-default Ensure patch cycles, backups, and recovery processes for new deployments meet security and resilience standards. • Secure Build Coordination: • Privileged Access Management Operations: Provide oversight for the enterprise’s privileged access management (PAM) operations and tooling. Ensure secure administration of privileged account vaults and credentials, enforcement of break-glass procedures (in partnership with IAM), and regular review/rotation of privileged access across all infrastructure teams. • Privileged Access Management Operations: • Security Tooling & Monitoring: Ensure effective operation of key infrastructure security tools and monitoring processes. Oversee the team in maintaining and optimizing tools such as vulnerability scanners, EDR platforms, and configuration compliance systems. Leverage dashboards and reports to monitor infrastructure security alerts and the overall protection posture, driving continuous improvements in threat detection and response. • Security Tooling & Monitoring: • Governance & ARB Alignment: Represent the IPO team in governance processes and Architecture Review Board (ARB) discussions. Ensure that proposed infrastructure changes meet security control requirements and obtain necessary approvals. Drive the submission and tracking of any security exceptions or control deviations through governance workflows, partnering with Enterprise Architecture, Security Engineering, and other stakeholders to align on secure design and policy enforcement. • Governance & ARB Alignment: • Disaster Recovery Alignment: Maintain disaster recovery (DR) readiness for IPO-managed security tools and processes. Ensure that procedures for recovering critical security infrastructure (e.g., security monitoring consoles, vulnerability scanners, policy stores) are documented and periodically tested. Align the IPO team’s DR plans with the broader enterprise DR/BCP (Business Continuity Plan) to guarantee rapid restoration of security capabilities during disruptions. • Disaster Recovery Alignment: • Security Engineering Partnership: Drive alignment between Security Engineering priorities and Infrastructure Operations and Architecture outcomes to support the desired future technology footprint (secure, compliant, and supportable). • Security Engineering Partnership: