Department: Technical Support
Job location: New Brighton, Minnesota, US
Employer reference: P1-1953033-1
Job description
Job title: Information Security Team Lead
Work Location: New Brighton, MN
Reports to: Global Head of Information Security Operations
Essential Duties and Responsibilities:
The Information Security Team Lead is responsible for providing operational leadership and technical
oversight to the security analyst team within APi North America. The following responsibilities define
the key areas of accountability and daily duties essential to safeguarding company data and driving
continual improvement of our security operations:
Responsibilities:
- Immediate Tactical Lead for Incident Response
- Act decisively to investigate and manage security incidents within each region
- Make immediate operational decisions (such as device isolation) to contain threats and reduce potential data loss, escalating major decisions to the Global Head of InfoSec Operations as appropriate
- Line Management of Security Analysts
- Directly manage a team of cyber security analysts, ensuring strong team performance, motivation, and cohesion through clear communication and supportive leadership
- On-Call Cover and Rota Management. Participate in and coordinate the on-call cover rota for the team
- Technical Coaching, Mentoring and Knowledge Sharing
- Offer both informal mentoring and formal Individual Development Plan (IDP) guidance
- Engage regularly with each analyst in one-to-one meetings to explore their career aspirations, technical interests, and development needs, and feed this information back to the Global Head of InfoSec Operations to inform training and progression plans.
- Day-to-Day Management of Security Operations Platforms
- Take responsibility for the effective daily use, management, and oversight of core security operations platforms—including Microsoft Sentinel, Microsoft Defender, ServiceNow Security Operations, GreyMatter, and Ironscales—ensuring analysts use these tools proficiently and efficiently.
- Escalate major platform issues or recommendations for strategic changes to the Global Head of InfoSec Operations
- Data Collation, Analysis, and Reporting. Lead the collation, management, and analysis of all relevant operational security data including incident data, response metrics, and trends
- Present clear, concise, and actionable data insights and monthly team performance reports in meetings with the Global Head of InfoSec Operations and CISO
- Post Incident Reporting (PIR) Drafting. Collate input from the analyst team, draft PIRs for any significant, true-positive ensuring careful examination of root causes, evidence, and technical observations
- Liaise with the Global Head of InfoSec Operations for PIR finalization and communication to senior stakeholders
- Analytical Oversight and Threat Detection
- Oversee and quality assure the investigation and triage of security events performed by the analyst team, ensuring rigorous root cause analysis, timely escalation, and effective application of best practices
- Act as the Technical Voice of Analysts
- Advocate for the analyst team’s findings, feedback, and operational challenges to the wider cyber team and business, particularly when discussing the effectiveness or tuning of SIEM content, detection rules, and overall operational processes
- Engage with the Security Engineering and MSSP teams as required to drive improvements
- Monitoring and Maintenance of Logging Infrastructure
- Ensure the health, reliability, and efficiency of logging tools and integrations, overseeing the timely flow of security logs and rces into the SIEM platform
- Coordinate with the engineering team for the integration of new logging sources, troubleshooting issues, and escalating persistent problems to the Global Head of InfoSec Operations where necessary
Education and/or Work Experience Requirements:
- 7+ years of Information Security and/or IT experience, although demonstrating a true passion for cyber security may reduce this.
- Bachelor’s degree in a related field or equivalent combination of education and experience
- Thorough understanding of fundamental security and network concepts (operating systems, intrusion/detection, TCP/IP, ports, etc.).
- Proficient in MS Office (Outlook, Word, Excel, Teams, and Visio)
- Excellent written and verbal communications, including presentation skills
- Flexibility to work occasionally outside business hours to support security incident response, project work, or maintenance windows
- Excellent organizational and problem-solving skills with strong attention to detail and self-organization
- Self-directed and motivated, with a positive and willing attitude
- Experience monitoring and responding to security alerts and incidents
- Deep technical understanding of IT networks, server administration, and IT applications
- Proficient, or able to gain proficiency, with a broad range of security software applications and tools
- Thorough understanding of computer-related security systems such as firewalls, encryption, password protection, and authentication
Benefits and Compensation:
This role will be based out of our New Brighton office. The pay range is $124,500 - $187,100 depending on job-related knowledge, skills, and experience. This position is eligible for annual bonus and profit sharing based on company performance in addition to other benefits that support the total well-being of you and your family. Some benefits include:
- Comprehensive Insurance coverage, Medical, Dental, Vision, and more
- Access to corporate fitness center
- Wellness Program
- 401K with employer match
- Discounted company stock (Employee Stock Purchase Plan)
- Profit Sharing
- Generous paid time off
- Growth opportunities through company sponsored leadership development courses and trainings
This position is not eligible for sponsorship.
All offers of employment are expressly contingent upon the satisfactory completion, in accordance with Company policy, of a pre-employment drug screening and background check.