Description

Responsibilities

Lead and manage IT and security-related programs and initiatives, ensuring alignment with cross-functional stakeholders, organizational goals, industry best practices, and regulatory requirements.

  • Collaborate with cross-functional teams, including IT, engineering, product, legal, and compliance, to integrate security requirements into business processes and the product development lifecycle.
  • Manage the planning, execution, and delivery of IT and security projects, ensuring adherence to timelines, budgets, and quality standards.
  • Define and track key security metrics and performance indicators to measure the effectiveness of security programs and initiatives, such as vulnerability management, incident management, change management and others.
  • Quantitatively manage the completion of security objectives based on the analysis of data and indicators.
  • Partner with Sales, Customer Success, Engineering and Product teams to manage customer-driven IT and Security requirements, including the coordination of requirements identification and intake, work assignment and scheduling, and integration and delivery.

Preferred Knowledge, Skills, and Abilities:

  • Three (3) years of enterprise-class information technology and security vulnerability management experience with the capabilities in elevating a vulnerability program with proper reporting in place and ability to identify enhancements.
  • Three (3) years of relevant experience in a supervisory capacity managing small to medium sized teams in a large IT enterprise environment.
  • Strong hands-on experience and knowledge with Cloud Technologies: (e.g., related to Fundamentals, Security, Amazon AWS, Microsoft Azure, Google Cloud Platform).
  • Strong knowledge and experience evaluating, designing, testing, and supporting hardware and software-based security.
  • Strong knowledge and experience with information security and network communications practices and principles, technologies, and systems.
  • Proficient knowledge and experience with vulnerability scanning plus risk and mitigation best practices.
  • Ability to stay knowledgeable of cybersecurity trends and emerging threats.
  • Proficient knowledge and proven experience with the following skillsets:
    • Networking/Data Communications
    • Risk Management
    • Operating Systems (e.g., Windows/Linux)
    • Vulnerability management tools such as Tenable and Palo Alto Xpanse
    • Other Security Tool sets/categories (e.g., Firewalls, Routers/switches, Database, Web Servers, Applications); Common vulnerabilities, CVEs, and CWEs; Encryption and cipher technologies
    • Experience with security frameworks such as NIST (e.g., NIST 800-53) and CIS.
    • Demonstrated experience and success with development and promulgation of enterprise-class security policy and standards.
    • Demonstrated experience and success with completion of risk assessments and vulnerability assessments.
    • LAN/WAN operational experience, including networking, OS, web/application/Database servers, storage, hardware, firewalls, and monitoring and detection tools.
    • Excellent people management, communication, and customer interaction skills.
    • Ability to work independently, manage projects, and exercise judgement in reaching solutions.
    • Ability to quickly grasp how new technologies work and how they might be applied to achieve business goals.
    • Demonstrated ability to communicate effectively, both orally and in writing.
    • Experience in scrum, kanban and SAFe.

Certification(s):
·       CISSP, A+, Security+, CEH, CISA, CRISC, or other IT security operations/vulnerability management certifications is a plus, but not required.

Education

Any Graduate