Director Enterprise Security Operations
The Director Enterprise Security Operations, through the management of an enterprise-wide security operations center and program, enables the business to operate securely, protect its people, defend its assets and preserve shareholder value. The position is responsible for the management and constant improvement of operational security controls and processes, such as incident response and vulnerability management. This is a leadership role which directs the work of several team members including managers and/or senior managers within a specialized area (i.e., engineering, information technology, business operations); has profit and loss responsibility for the department and is accountable; works with directors, senior directors and/or vice presidents of given department in developing departmental short and long-range objectives, plans, budget and policies. Sets the tone for continuing training requirements of key individuals to ensure that the team is prepared to take full advantage of advances in the technologies used by the company to improve and add new services for our customers.
Manage and oversee the Security Operations Center (SOC) and the teams responsible for the real-time protection of the Enterprise. Inspire the teams to deliver high levels of performance and quality results while maintaining morale. Act as a positive mentor and coach, with both technical and soft skills. Perform timely management duties, such as annual performance reviews, hiring, and promotions. Responsible for communicating clear expectations and prioritization to, and measuring and reporting upon those expectations to management.
- Leadership (Departmental and staff related activities):
- Requires the ability to perform highly complex and diverse duties under deadlines and operating constraints. Capable of delivering large, highly complex projects, often involving the coordination of activities of other business units in the company.
- Requires ability to develop, recommend, and execute plans and programs with greater organizational impact.
- Must have knowledge and technical expertise in the area of responsibility and company policies/procedures.
- Position is expected to provide functional leadership, oversight and guidance to staff and groups assigned, while fostering teamwork within area of responsibility.
- Responsible for hiring, leading, developing and managing the performance by those reporting to this position, establishes and communicates clear performance expectations, and makes recommendations for salary increases.
Continuously improve and advance the organization's operation security capabilities, focusing on process and procedures.
- Security Operations (prevention & identification):
- Oversee the organization's security operations.
- Research, develop, and implement security plans and policies associated with the organization's communications and other business systems.
- Provide leadership to Security Operations Center; ensuring effective operational procedures are in place along with all tasks, activities and controls necessary to run a 24x7 SOC.
- Responsible for the clear communication of the current threat and vulnerability landscape.
- Lead the development of operational security controls, procedures and tools to defend people and assets against current and emerging security threats/risks.
- Lead the development and implementation of security configurations and standards.
- Management of escalations and exception requests.
- Establish reporting and information sharing relationships with external organizations for the purpose of tracking threat intelligence and security incidents within the region and the industry.
- Provide regular and consistent reporting as to the status of security operations.
Security Program Management: Actively participate in the ESO management team. Support other ESO directors and managers to advance their department’s programs and achieve their goals. Contribute to the overall maturity of the information security program.
- Security Program Administration (preparation & prevention):
- Lead the continuous development of operational security policies, procedures & standards.
- Manage and support risk-based assessments of systems, networks, applications and vendors based upon contractual requirements, security policies, best practices and industry standards/regulations; reporting findings and assisting in remediation of vulnerabilities.
Project and Resource Management: Working with the department’s Program/Project Management Office, ensure the successful implementation of complex new security systems, controls and processes. Collaborate with internal and external resources in order to achieve successful outcomes. Finalize documentation and support materials for assigned technology systems and infrastructure. Participate with defining, monitoring and reporting upon control compliance and effectiveness.
- Incident Response (detection, eradication, containment & recovery):
- Provides calm and clear leadership during major security incidents.
- Develop and ensure the (24x7) ability of the SOC to rapidly respond to, contain and eradicate security incidents.
- Continuously improve and refine the security incident management process.
- Oversee fraud and forensic investigations.
- Oversee and manage security violations and incidents.
- Oversee post-event reviews of security incidents and present root cause analysis and recommendations.
Vendor, Contract and Budget Management: Responsible for departmental and project budgets and ensuring efficient use of resources. Manages vendor relationships to ensure quality services. Manages ESO contracts and procurement of security solutions in collaboration with procurement and legal.
Knowledge, Skills, Abilities:
- Leadership and Management:
- Proven ability to lead an organization to high levels of performance while maintaining morale and personal growth for employees in a union free environment. Ability to act as a positive mentor and coach to subordinates and instill a coaching environment in the organization.
- Proven ability to implement and execute against strategic vision.
- While technically competent, able to maintain focus on Leadership and Management responsibilities.
- Ability to develop detailed capital and operating budgets for the department. Familiar with reporting and tracking tools necessary to assure budget guidelines meet expectations.
- Demonstrated ability to analyze complex challenging problems and situations leading to optimal solutions.
- Ability to develop the organization necessary to meet the group mission and to interface with other units within the company.
- Excellent verbal and written communication required. Must be able to articulate information in presentation format in front of internal and external customers.
- Technical Competencies:
- Ability to work independently, manage projects, and exercise judgement in reaching solutions.
- In-depth understanding and working knowledge of information security data and processes.
- Ability to work and coordinate within a multi-team environment including program managers, business analysts, IT analysts and other security professionals.
- Ability to quickly grasp how new technologies work and how they might be applied to achieve business goals.
- Demonstrated experience with networks, information classifications, and confidentiality requirements associated with high security environments.
- Knowledgeable of technological trends and developments in the area of information security and risk management.
- Knowledge of firewalls, anti-virus, intrusion detection/intrusion prevention systems, virtual private networks, remote access systems, network zoning, centralized monitoring, and application scanning.
- Knowledge of information security and risk control frameworks, business continuity, and IT disaster recovery frameworks.
- Knowledge and experience of operation methodologies, such as ITIL.
- Experience in creation, design, development and implementation of dashboards.
- People, Team and Self:
- At all times is a model example of GCI’s values, principles, ethics and code of conduct, is a model example of integrity and trustworthiness, honors the confidentiality of information entrusted to them, promotes, and fosters the mission statement for the Enterprise Security Office.
- Ability to develop and maintain productive relationships with peers and managers across the enterprise.
- A strong customer/client focus, with the ability to manage expectations appropriately, to provide a superior customer/client experience and build long-term relationships.
- Demonstrated ability to discuss complex technical details with extended support staff and translate into non-technical communication.
- Strong analytical skills to analyze security requirements and relate them to appropriate security controls.
- Ability to interact with GCI's personnel at all levels and across all business units and organizations, and to comprehend business imperatives.
- Ability to work independently while handling multiple projects with changing priorities and deadlines.
- Excellent verbal and written communication skills and the ability to interact professionally with a diverse group of executives, managers, and subject matter experts.
- Excellent organizational, planning and time management skills
- Ability and capability to work with only minimal supervision.
- Strong written, verbal and presentation communication skills.
- Ability to work flexible hours and some weekend work may be required
- Minimum of twelve (12) years of professional (relevant) experience in: Information Security, Cyber Security, Physical Security, Information Technology infrastructure, application development, support & operations, systems administration, access control, cryptography, technology architecture, critical analysis, disaster recovery, investigations, compliance, or technical legal areas (such as those involved in law enforcement, prosecution, defense, or forensics). To include:
- Minimum of ten (10) years’ experience in Information / cybersecurity;
- Minimum of five (5) years of managerial experience with proven experience building and leading strong teams.
- Minimum of four (4) years’ involving production operations; e.g. incident, change, service management.
- High School diploma or equivalent is required.
- Bachelor's degree in computer science, technology, security or in relevant field required. In addition to minimum experience required, degree may be substituted on a year for year basis with relevant exempt work experience. Master's degree is desired.
- Certifications: Industry specific certifications are highly valued and can contribute toward education. Three (3) of the following certifications are highly desired:
- CISA: Certified Information Security Auditor
- CRISC: Certified in Risk and Information Systems Control
- CISSP: Certified Information Systems Security Professional
- CISM: Certified Information Systems Manager
- GSLC: GIAC Security Leadership
- CSX Certificate, CSX Practitioner, or CSX Specialist
- Other applicable IT, Information Security and Compliance related Certifications
- Driving Requirements (if applicable): Must possess and maintain a valid driver’s license, proof of insurance and a satisfactory driving record.
EEO: We are an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability status, protected veteran status, or another characteristic protected by law.