CIT is seeking a Security Platforms AVP to manage and support Information Security application services.
The AVP is expected to be able to independently deploy and maintain security management technologies in all phases of the platform life cycle.
The position’s primary focus will be to manage Information Security applications and tools. This person will work closely with the Information Security team to provide support, deliver new initiatives, and manage uptime and upgrades. The role will also include project and budget management of multiple cross-functional projects supporting the services’ business needs.
Oversee all aspects of the configuration, development and operation of IT Security applications, including integration into the overall application landscape
Provide outstanding customer service to the IT Security organization.
Develop and maintain a roadmap of the application’s upgrades and developments
Manage a portfolio of application-related projects, and directly manage selected projects within that portfolio
Coordinate with team leads to ensure applications are sound and adhere to architectural guidelines
In association with business personnel, map as-is and to-be business processes and develop plans to transition from the as-is to the to-be state
Self-motivation, teamwork and experience working in a fast paced environment are highly desired. The ideal candidate should have a deep understanding of both information security and computer science. They should understand basic concepts such as networking, applications and operating system functionality. The candidate should be able to quickly assimilate new information while understanding the threat vectors and how to properly assess them. The candidate must demonstrate proven success in working in a team as well as independently and exhibit follow-through to understand root causes of issues. This position calls for an individual who exhibits thoughtful introspection but is also able to assess a broad spectrum of issues. A collaborative approach is a must, as well as the ability to effectively communicate with a wide range of technical and non-technical personnel.
Hands on experience with Application Security controls including design, dynamic scans, static code analysis for control flow and analysis.
Experience with security technologies including Data Loss Prevention (DLP), Database masking, Data access management, Web application firewalls, Vulnerability scanning, Proxy, DDoS protection, Advanced threat and malware detection, SIEM, etc. Knowledge of TCP/IP Protocols, network analysis and network/security applications.
5+ years of experience with security frameworks (e.g., ISO 27002, NIST, etc.)
5+ years of experience running security related software;
5+ years of technical security experience in applying information security best practices
Ability to multi-task without compromising deadlines and assignment expectations
Take direction from project management and work as part of a collaborative team
Basic project management competencies such as following process and protocol for project delivery, ability to identify project risks, project multitasking, and ability to self-manage when appropriate
Ability to execute assessments as defined in project plans, within assigned budgets and due dates
High motivation, integrity, and commitment to self-development
Strong written and verbal communication skills
Broad industry knowledge within Information Security