As Director of Security Operations with DieboldNixdorf Inc, you will direct, coordinate, plan, and organize operational information security activities throughout DieboldNixdorf. You will act as the focal point for all communications related to the information security team, with internal staff, customers, and third parties. This senior position will work with a wide variety of people from different internal organizational units, bringing them together to manifest controls that reflect a pragmatic program to address information security risks.
Deliverables (ongoing requirements):
• Access Map – Detailing how, where, and when corporate information is accessed. This would include internal resources as well as third-parties, vendors, etc. A key component will be instituting an effective authentication process.
• Cybersecurity – Knowledge of key trends in cybersecurity, and the means to mitigate the threat. Utilizing the appropriate people, processes and technologies in order to manage and raise awareness, and mitigate and contain potential risks, as determined by potential threat vectors.
• Oversees a team of 20+ individuals across the globe
• Data Map – Identification of the most critical repositories of sensitive corporate data. Ensuring the appropriate control environment is implemented in order to reduce the likelihood of loss, or minimize the impact in the event of a breach (malicious, or otherwise).
• DLP Program – Implementation of a Data Loss Prevention program. Build relationships within the business to identify and protect the most vital information, including intellectual property, customer and key stakeholder information, financial data, sales and marketing data, etc. Implement the appropriate technology stack to mitigate the risk.
• Endpoint Protection – Responsible for the protection of all endpoints on the network, or otherwise accessing, managing, or manipulating corporate data. Work with key IT stakeholders in order to deploy the most effective logical tools and technologies. This information should feed the SIEM, SOC, and other tools/programs as needed.
• FS-ISAC – Lead the corporate engagement in the Financial Services-Information Sharing and Analysis Center (FS-ISAC). Manage and utilize the alerts to improve the overall security posture. Take an active role within FS-ISAC, to include participation in the governance structure, and actively providing alerts that are meaningful to other FS-ISAC members.
• Incident Response – Manage the incident response program. Leverage industry leading frameworks (such as CMU/SEI-CSIRT, DHS-CERT, etc.). Ensure a pragmatic program is in place that will allow for validation, identification, containment, eradication and resumption of normal operations in the event of an information security-related issue.
• Operations Center (SOC) – Build, maintain and mature the Security Operations Center. Employ a 24x7x365 SOC equipped with the appropriately certified and capable individuals that can manage the ever-increasing and complex risk landscape. Ensure fusion of threat information utilizing the appropriate toolsets, with SIEM as the anchor for this technology stack.
• Security Tools – Deploy and manage all of the necessary technologies and tools to manage the threat environment (including emerging and obscure malicious threats and nefarious actors). End-to-end ownership of the information security technology stack. Responsible for identifying and recommending tools/technologies that are essential to maintaining a suitable control environment.
• Vulnerability Management – Develop and implement a comprehensive program. Provide for the categorization, identification and prioritization of the threats (based upon a common grading scale such as NVD-CVSS, CVE, MITRE-CVE, etc.). Work closely with the network team and other key IT stakeholders in managing the risk with a nimble and repeatable program.
The ideal candidate will meet the following qualifications:
• A CISSP and / or CISM, with at least 15 years of experience running an Operations (Operational) Security program. Demonstrated acumen and knowledge in the information security space, with a particular understanding and emphasis on cybersecurity.
• Work in building/developing a Security Operations Center, to include a 24x7x365 physical space that incorporates information/intelligence from a variety of sources (fusion intelligence), and synthesizes the output into meaningful and actionable outcomes.
• Proven track record of program and team management.
• Detailed knowledge and experience around incident management.
• Experienced in budget management, and appropriate allocation of available funding.
• Bachelor’s Degree in Computer Science, or relevant work experience. A Master’s degree is a plus.
• Other Security certifications are a plus.
• Significant exposure to public and private security organizations including NIST, SANS, DHS etc., and development of key vendor relationships.