DUTIES AND RESPONSIBILITIES: Develops and maintains a complete understanding of Aligned's technology and information systems.Directs the development and maintenance of Incident Response Plans and Cybersecurity procedures for information technology.Maintains current knowledge of the cyber security industry, digital privacy regulations, and standards for all regions.Identifies and communicates current and emerging security threats.Directs the architecture, design, build, implementation, and support of enterprise-class security systems based on the Center for Internet Security (CIS) controls and related standards.Designs security architecture elements to mitigate threats as they emerge.Anticipates stakeholder needs to discuss potential security and privacy solutions.Oversees and analyzes security assessments, including security program reviews, penetration testing, vulnerability testing, risk analysis, and provides recommendations related to findings.Creates solutions that balance business requirements with information and cybersecurity requirements.Reviews and recommends security configuration and policies for firewalls, VPN systems, routers, IDS scanning technologies, servers, computers, mobile devices, audio/visual devices, IOT and IT systems.Ensures integration of projects and adjusts project scope, timing, and budgets as needed, based on the needs of the organization.Reviews and analyzes system logs, security tools, and network traffic for unusual or suspicious activity, and makes recommendations to restore secure operations.Reviews and tests new security software, tools and/or technologies to determine applicability to operations.Directs ongoing interviews and assessments with internal groups and management for the purpose of learning how employees interact with technology and to integrate cybersecurity measures.Works closely with internal auditing, legal, and IT teams to ensure compliance with applicable legal, regulatory, and industry requirements (e.g., FERPA, HIPAA, PCI-DSS, FIPS, NIST, CISA, ISO 27001, etc.).Works with Senior Leadership to formulate a comprehensive, strategic technology plan that is consistent with the overall business objectives and budgetary considerations.Oversees annual operating and capital budgets for all security platforms and hardware.Manages suppliers and vendors for information security and cyber security.QUALIFICATIONS: Equivalent experience or graduation from an accredited 4-year college or university degree in a job-related field of study.Five (5) years of experience in responsible information security and cyber security management.Practical experience in Red, Blue, and Purple INFOSEC tasks and roles.Experience deploying and managing cyber security, digital privacy, and information security solutions for remote access, identity access management, and cloud-based services.Experience leading ITIL V4 based processes (incident, change, problem, root cause analysis).PREFERRED CREDENTIALS: CISSP - Certified Information Systems Security ProfessionalGSLC - GIAC Security LeadershipCISM - Certified Information Security ManagerCCSP - Certified Cloud Security ProfessionalPREFERRED CLEARANCES: SCI/SAP L ClearanceSCI/SAP Q ClearanceCompleted & Cleared DCSA Background
#J-18808-Ljbffr
