Vacancy expired!
- Work with the Director of Security Operations to ensure the security program addresses identified risks and business requirements.
- Manage the process of gathering, analyzing and assessing the current and future threat landscape, as well as providing the Director of Security Operations with a realistic overview of risks and threats in the workforce and consumer environments.
- Work with project team in the implementation of the Information Security strategy.
- Identify process improvement opportunities and develop subsequent plans of action to resolve gaps with minimal management intervention.
- Work with the Director of Security Operations to develop budget projections based on short- and long-term goals and objectives.
- Monitor and report on compliance with security policies and standards, as well as the enforcement of policies within the IT department.
- Propose changes to existing policies and procedures to ensure operating efficiency and regulatory compliance.
- Assist resource owners and IT staff in understanding and responding to security audit failures reported by auditors and regulatory bodies.
- Provide security communication, awareness and training for audiences which may range from senior leaders to field staff.
- Work as a liaison with vendors and the legal and purchasing departments to establish mutually acceptable contracts and service level agreements.
- Manage production issues and incidents and participate in problem and change management forums. Manage and coordinate operational components of incident management, including detection, response and reporting.
- Manage the day to day activities of threat and vulnerability management, identify risk tolerances, recommend treatment plans and communicate information about residual risk.
- Manage security projects and provide expert guidance on security matters for other IT projects.
- Ensure audit trails, system logs and other monitoring data sources are reviewed periodically and are in compliance with policies and audit requirements.
- Design, coordinate and oversee security testing procedures to verify the security of systems, networks and applications, and manage the remediation of identified risks.
- Demonstrated experience managing experienced staff in the implementation of the Information Security strategy. Demonstrated experience in the identification, plan for resolution and execution of action plans for complex problems in a regulated environment.
- 5 10 Years of IT experience (Preferably 3+ years of information security experience)
- Bachelor's degree in Computer Science or Information systems required
- Experience with Workforce Identity Access Management tools is required (Okta, CA IDM/SSO/PAM, SailPoint, Net IQ, HashiCorp Vault)
- Preferred
- Experience in development is preferred
- Experience running custom reports from LDAP and SQL Databases
- CISSP, CISM, or CISA preferred
- CSPO and/or CSM preferred
- Experience working with Splunk, AppDynamics, Threadfix and Rapid7 is preferred
- Experience working with the Atlassian toolset is a plus (Jira, Confluence, BitBucket) is preferred
- Basic Knowledge on ITIL Process
- Excellent problem-solving skills and troubleshooting skills with a strong attention to detail
- A strong customer/client focus with ability to manage expectations appropriately and provide superior customer/client experience and build long-term relationships
- Ability to work independently with minimal supervision
- Experience testing/using/managing Rest API's is preferred
- Experience with securing identities and access for containerization, software provisioning, configuration management, and application-deployment toolsets is a plus
- Experience with CI/CD tools is preferred
- Experience working with process improvement methodologies like Six Sigma or Lean is a plus
- Experience working on a Scrum team is a plus
- A strong customer/client focus with ability to manage expectations appropriately and provide superior customer/client experience and build long-term relationships
- Ability to work independently with minimal supervision
- Experience gathering and facilitating the development of business and system requirements within a broader project team required
- Experience working with sustain teams to resolve technical application issues that fall outside of standard access
- Excellent oral and written communications skills
- Strong administrative, coordination and interpersonal skills
- Ability to use Microsoft Office suite (Word, PowerPoint, Excel and MS Access)
- Working knowledge of SharePoint, MicroFocus Directory Resource Administrator and/or Active Directory
Vacancy expired!