Director, Security Operations

The Director, Security Operations is an IT senior management team member responsible for the day-to-day security operations within PPI and help ensure that PPI’s technology environment is operating in compliance with the Information Security Policy adopted by iAFG.  Further, this role will help lead security projects to increase PPI’s security posture.

Responsibilities:

• Manage the day-to-day security operations: Vulnerability management, Incident Management, Security Assessments, Security Configurations, Security Operation Centre (SOC), End-user Awareness, Phishing, Security Orchestration, Automation, and Response (SOAR)

• Ensure the day-to-day operations are meeting the requirements of the iAFG Security Policy Framework

• Work with VP, Information Technology and Security to ensure proper monitoring the security posture of the PPI Network, Systems and Infrastructure

• Work with VP, Information Technology and Security to develop annual budget based on short- and long-term goals and objectives

• Work directly with other business units while managing implementation of new security projects

• Ensure the proper documentation and audit/security evidence is kept and maintained

• Monitor and report on compliance with security policies and assist with the enforcement of policies within the company

• Provide on-going management to the Security Operations Team, including recruitment and selection of staff, training and development, performance management and reviews, vacation scheduling etc

• Collaborate with the PPI IT Operations and Support Teams on security operations tasks as need, and to assist in troubleshooting and incident management as needed

• Work directly with the Security Operation team as needed to assist in day-to-day security operations

• Foster an environment of teamwork to ensure effective synergy and collaboration amongst local and national team members

• Ensure proper change management processes are followed, and as an IT SMT participate in the change advisory board (CAB)

• Lead security team in participating in DevSecOps

• Assist with collaborating and coordinating between the PPI software developers, Infrastructure/Security and IT Operations teams, to ensure we are meeting the operational needs of other teams

• Assist with promoting “Cloud First” and “Infrastructure Led Innovation” mindset across the Security Team

• Assist asset owners and IT staff in understanding and responding to security audit failures reported by audits

• Travel to various PPI locations to assist with security systems implementation, as required

Education, Experience and Skills:

• Bachelor or Master's degree in Information Technology/Computer Science, or equivalent combination of other university degree and IT experience

• A minimum of seven years of IT experience, with five years in an information security role and at least four years in a supervisory capacity

• Strong leadership abilities, with the capability to develop and guide information security team members, and work with minimal supervision

• A deep understanding of the NIST Cyber Security Framework, ISO 27001, CIS, and other industry standard security frameworks

• A deep understanding of the cyber threat landscape, practices, tools, and technologies

• Skilled in project management and able to manage multiple priorities while still delivering to deadlines

• Well-established track record of delivering outstanding results in alignment with corporate objectives

• Excellent interpersonal and relationship building skills with a demonstrated client-centered focus

• Knowledge of and experience in developing and documenting security architecture and plans, including strategic, tactical and project plans

• Strong analytical skills to analyze security requirements and relate them to appropriate security controls

• Excellent verbal and written communication skills

• Experience in application technology security testing (white box, black box and code review)

• Experience in system technology security testing (vulnerability scanning and penetration testing)

• Experience working with legal, audit and compliance staff.

• Knowledge of progressive technology trends

• Must be able to travel

This role is for an existing position. The expected salary range for this position starts at $160,000 and will be commensurate with the candidate’s experience and skill set.

We thank all applicants for applying, however, only those selected for an interview will be contacted.  Your resume may be used for other vacancies.