Friday, April 15, 2016

Director Information Security, The New York Times, New York

Job Description:
Secure Development, Architecture and Engineering
Integrate and automate security testing into development processes.
Lead training efforts to educate DevOps teams to prioritize security risk in all aspects of development, including APIs, data protection and more.
Plan, design, and implement security systems and software, including SIEM tools, intrusion detection / prevention systems, advanced behavioral analytics, advanced malware protection tools, and web application security and code scanning tools
Review existing security architecture, identify design gaps, and recommend security enhancements
Stay abreast of emerging security technologies and integrate them into security architecture as needed

Information Security Operations

Create and maintain security policies, controls, and incident response plans
Manage the development and maintenance of policies, standards, processes and procedures to assess, monitor, report, escalate and mitigate risk and compliance issues
Review alerts and data from sensors and document formal, technical incident reports
Produce vulnerability, configuration, and coverage metrics and reporting to demonstrate assessment coverage and remediation effectiveness
Create tools for regular reporting of the security program, activities and progress across the organization
Research emerging threats and vulnerabilities to aid in the identification of security incidents

Risk Management and Security Awareness

Maintain a security strategy that incorporates business and technology objectives and outputs from risk assessments
Make sure that information security policies, procedures, and best practices are communicated to all personnel and that compliance is enforced
Build a culture of security and create a compelling security vision and strategy for the company
Monitor and spread awareness of trends in the threat landscape
Engage leaders from Technology and the business to understand and prioritize cyber-security risks through formal risk assessments
Build and institute a risk management program to focus on cyber-security investments
Educate and advise technology and business leaders on technology risk and compliance issues, as well as appropriate mitigation strategies and approaches related to security and risk management

Qualifications

6+ years of information security experience in increasingly responsible roles
Professional certification in information security (for example, CISSP, CISM or CISA) desired
Ability to effectively work across organizational boundaries to build a case for change
Experienced in, and able to formulate, the cost-effectiveness benefit of security initiatives in the context of overall business risk mitigation and the company’s operational objectives
Demonstrated understanding of recognized security industry standards and leading practices such as the NIST Cybersecurity Framework
Knowledge of technological trends and developments in the areas of information security, risk management, web architectures and cloud computing
Experience managing teams

Pass it on for a referral bonus. Not the right role for you, but know someone we should meet? Share it with them to earn a $1,000 referral bonus.