Uses knowledge of multiple information technologies such as computer systems infrastructure, application and system engineering activities involving design, requirements, development, analysis, implementation, integration, programming or administrative and planning skills to provide task execution and / or leadership and technical guidance across information technology. Depending on experience, develops plans, establishes and monitors progress on projects within a variety of IT department activities toward tactical objectives and goals. Initiates projects by participating in planning and implementation activities such as work/organization breakdown structure development and responsibility assignment matrix development to meet internal or external requirements. Gathers and develops estimates. Controls costs through effective allocation of equipment, software, materials and other resources, and utilizes established project management methodologies. Evaluates resolves or elevates to management as needed disputes in order to ensure compliance with company policies and procedures as well as contractual and regulatory mandates.
- Knowledge of government security guidance (e.g. FIPS-2, NIST SP 800 Series, DISA, FISMA, etc.), network devices, firewalls, Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS).
- Experience as a security architect or senior engineer focusing on security.
- Deep understanding of securitytechnologies and methods as they apply in an enterprise environment.
- Deep understanding of security fundamentals and ability to assess current vulnerabilities and threats and develop needed security policies, controls, remediation & countermeasures.
- Possess a broad understanding of general security technologies, including operating systems, networking, physical security, cryptography, PKI, directory services, IPSec, etc.
- Past experience designing, building and integrating securitytechnologies such as SecurityEvent Management, encryption products, data protection or data leakage, GRC tools, identity management, networksecurity (firewalls, VPNs, scanners).
- Experience with commonly accepted industry standards and best practices relating to security, including COBIT, ISO 17799/13335, ITIL, CMM, NIST publications, ISF Best Practices, etc.; specific experience in driving an enterprise security framework based on these practices a plus
- Experience working with senior management at large multi-national corporations.
- Experience in Incident Management best practices
Experience in the securing, development, implementation and maintenance of large-scale systems across multiple platforms Microsoft, Linux, AIX and SUN
- Lead computing security and cyberthreat intelligence teams for the implementation of new security and cyberthreattechnologies.
- Coordinate with other IT teams to ensure computing security changes do not impact applications or business operations
- Build and manage budget and project plans for new or upgrade technology deployments
- Drive operations processes for stability, redundancy and resiliency in the IT security globally
Skills & Experience
- Bachelor's degree in Computer Technology, Information Management or related field required with 3 years Securityexperience.
- Major certification such as: CISSP, CISM, CISA is required
- IT Computing Security and Cyber Threat knowledge
- IT Security Operations standardization and stability
- Manager leadership and mentoring
- IT Computing Security and Cyber Threat Management – 10+ years
- Leading large integrated, global teams
- Leadership, mentoring, negotiating, teaming, communication
- Defense experience
- Networking, Server and Desktop management exposure
- Aerospace experience
- ITIL, SEI/CMM, Six Sigma
- SANS, GIAC or comparable certification also a plus