Compensation: $165K - $175K / Year
Minimum Education: Bachelors
Job Type: Full Time
Jobcode: TJKJA36
Salary is quoted above; bonus adds an additional 25% - 30%
Responsible for all aspects of security engineering, architecture, vulnerability and threat management for the organization.
Position will be responsible for security engineering, architecture, infrastructure and application vulnerability assessment, as well as threat management, incident response, investigations, forensics, and intelligence gathering.
Responsibilities
· Establishes enterprise-wide strategy for the Threat and Vulnerability Management (TVM) Program with emphasis on creating a mature program with established key initiatives/projects focused on the reduction of technology risk in the firm as well as identification through vulnerability assessment programs risks that exist across the firm that require technical and/or process remediation.
· Oversees the teams responsible for security engineering, architecture, infrastructure vulnerability assessment, application vulnerability assessment, and threat management.
· Develops information security strategies, conducting security assessments, and implementing security solutions to assist business with the assessment and improvement of their security infrastructure.
· Leads teams to generate a vision, establish direction and motivate members, create an atmosphere of trust, leverage diverse views, coach staff, and encourage improvement and innovation.
· Manages a program responsible for the analysis of security threat information (viruses, malicious code, industry events, hackers and zero day exploits, OEM weaknesses, intrusion logging, etc) in order to proactively prepare for security events.
· Directs and manages the incident response process. Coordinates response, triage and recovery activities for security events across Technology and Business Units Investigation Support.
· Manages and coordinates technical aspects of internal investigations in support of Audit, Legal, Human Resources, Corporate Security and Executives.
· Develops monitoring for security controls across the IT infrastructure. Risk ranks identified issues and coordinates with technology owners to manage security risk to an acceptable level and ensure technology meets security control standards.
· Develops metrics and reporting across all threat vectors which identifies current threats and the company's ability to defend against those threats.
· Manages team personnel and finances, continuously develops and optimizes / improves processes, develops process measures and controls, tests and reports on process controls, integrates with IT and Corporate control and Compliance processes.
Qualifications
· 10+ years of Information Security, Technology Audit, IT Compliance or IT Management experience in a large scale / complexity company.
· 5-10 years of hands-on technical experience in security engineering, threat, or vulnerability management domains.
· Demonstrated experience building and improving technology security programs within responsibility areas described above.
· Current understanding of best practices, management techniques and industry trends within responsibility areas described above.
· Superior communication and influence skills, ability to gain agreement and support at all levels in the organization.
· Demonstrated ability to present program performance metrics and results to senior management.
· Experience in vendor management and negotiation.
· GIAC, CISSP, CCIE, CCSE, CISA and/or CISM certifications a plus.
Email resume in Word to TheBigGameHunter@cisny.com. Please include the job code for the position with your resume.
PAID RELOCATION. NO VISA TRANSFERS. NO OVERSEAS RESUMES. NO 3RD PARTIES.
To receive a complimentary subscription to my job search ezine, No B.S. Job Search Advice, go to www.JeffAltman.com to subscribe.
Receive tweets from Twitter with job search tips and job listings – TheBigGameHuntr