Job Description
This position will contribute to developing and implementing security architecture, standards, procedures, and guidelines for business environments. Recommends new security tools to management and provides guidance and expertise in their implementation. Address high-risk security concerns or incidents. Recommend a course of action to mitigate risk and ensure appropriate standards and best practices are in place.
This position will contribute to developing and implementing security architecture, standards, procedures, and guidelines for business environments. Recommends new security tools to management and provides guidance and expertise in their implementation. Address high-risk security concerns or incidents. Recommend a course of action to mitigate risk and ensure appropriate standards and best practices are in place.
Primary activities/responsibilities
- Research security products, services, protocols, and standards to remain abreast of the developments in the industry and provide solution recommendations as needed to meet business needs.
- Continually research new offensive security tactics, techniques, and procedures.
- Develop technical solutions to help mitigate security vulnerabilities and automate repeatable tasks.
- Manages encryption protocols to protect the business’s data and manage authentication and access controls.
- Proactively assesses potential risk items and opportunities of vulnerabilities in the business environment.
- Provide mentorship and technical guidance to junior-level engineers.
- Experience attacking environments from initial access through actions on the objective.
- Working with vendors on Red, Blue, and Purple team activities: assessments, innovative security strategies, and simulations to improve defenses continuously.
- Supports corporate risk leadership to review enterprise IT and cyber risks, assess capabilities, prioritize security and risk strategies, and communicate risk intelligence to drive business decision-making.
- Measure overall program maturity. Responsible for assuring process efficiency, measurement, and optimization.
- Manage information security budgets and monitor for variances.
- Liaise with external partners, agencies, and peers to ensure the organization maintains a strong, proactive security posture; keep senior management advised about information security issues and implications for the company.
QUALIFICATIONS
Basic Qualifications
- Bachelor’s degree in computer science or related technical discipline and equivalent work experience; advanced degree preferred.
- 10-12 years in Information security or related field experience required.
- Above average attention to detail, accuracy, organizational, interpersonal, and team-oriented skills
- Good interpersonal and communication skills and demonstrable ability to work effectively at all organizational levels. Demonstrable ability to build and lead multi-functional teams.
- Ability to promote innovative ideas and accept the risks that are required to lead change. Must be comfortable with ambiguity; demonstrate strong writing, problem-solving, and creative thinking skills; and have the ability to work effectively with conceptual structures, outlines, and models.
- Builds collaborative relationships and effectively interacts frequently with business and technology senior leadership and vice presidents.
- Good experience in program, financial, and organizational change management.
- Ability to perform several tasks simultaneously to meet deadlines
Preferred Certifications
- Certified Information Systems Security Professional (CISSP)
- Certified Cloud Security Professional (CCSP)
- Certified Information Security Manager (CISM)
- Offensive Security Certified Professional (OSCP)