Basic Function: This lead position will provide expert guidance on the appropriate selection, design, implementation, and configuration of security controls.
Ensures that the vision and strategy of the Cybersecurity program is incorporated into all phases of the project development life cycle.
Uses professional knowledge, skills, and experience interpreting and then communicating cybersecurity policies, standards and best practices during the project development lifecycle.
Responsibilities: Responsible for understanding the enterprise architecture to identify security gaps, develop controls and design solutions that meet business objectives while complying with security standards.
Provides security guidance to business units and technology teams through the support of Cybersecurity Polices and Standards augmentation with security requirements.
Engage with Technology Teams to assess the security risk of proposed projects and system/application modifications.
Performs and oversees basic to complex security analysis to identify and remediate any gaps.
Provides strategic and tactical security guidance, including the evaluation and recommendation of technical security controls.
Remains current with industry trends and security threats to advise management on how to mitigate and contain risks to the business.
Demonstrates the ability to enlist expert resources when necessary.
Ensures timely completion of project assignments and tasks.
Duties also include participating in design decisions for Active Directory security for new and existing applications and utilities.
Minimum Qualifications: 2 years of college and ten years of technical experience including Cybersecurity/Information Security experience or in lieu of a degree, 14 years of related experience.
Prior management experience is required.
Strong knowledge of security technologies and architecture, including encryption, cloud network security design, security group configuration, intrusion detection, data loss prevention and application security.
Knowledge of NIST standards and controls, NIST SP800-53r4.
Demonstrated experience working with cross-functional teams.
Strong written and verbal communication skills, particularly an ability to negotiate, influence and gain consensus.
Ability to present complex information in a clear, concise manner.
Ability to work individually as well as a member of a team.
Ability to handle multiple tasks and work under time constraints in support of various projects.
Working knowledge of Active Directory security.
Working knowledge of project management methodology.
Preferred Qualifications: CISSP Certification