ROLES AND RESPONSIBILITIES
- Manage and oversee a global team of security engineers and analysts to deliver projects to execute against the company’s cybersecurity strategy.
- Develop overall cybersecurity security strategy in coordination with the Director of Global Information Security and VP of Global IT.
- Manage and oversee assessments of our security program and IT architecture to identify gaps, and recommend actionable and realistic changes or improvements.
- Design and create solutions that align enterprise security architecture frameworks and standards (e.g. SABSA, NIST 800-53, ISO 27002), and overall business and security strategy.
- Oversee and perform risk assessments and testing for new technologies and IT projects.
- Develop periodic Board of Directors and Executive Management presentations in coordination with the Director of Global Information Security and VP of Global IT.
- Design policies for systems and software development with the goal of protecting sensitive data.
- Help design a secure infrastructure layer that isolates sensitive data from general access in coordination with Global IT Infrastructure.
- Integral member of the Incident Response Team for all major, high risk incidents of security breaches.
- Works with external law enforcement, management, physical security, Human Resources, Legal, and Finance with the Director of Global Information Security and VP of Global IT to provide technical expertise regarding information security events and incidents.
- Document security requirements and controls for protecting information, systems, and technology assets.
- Define and document how the implementation of a new technology impacts the security posture of the current environment.
- Provide input on security requirements to be included in request for proposals (RFPs), statements of work (SOWs), and other procurement documents.
- Implement and improve Secure Software Development Lifecycle (SSDL) across organizational teams.
- Participate in architectural reviews, threat modeling of applications across development teams.
- Knowledge of application security standards like OWASP ASV, SCVS along with the knowledge and understanding of maturity models like BSIMM, OWASP SAMM or similar models.
- From a CI/CD perspective, create and evolve continuous strong process across software code development reviews by influencing dev teams to write clean code and follow best development practices.
- Self-motivated and solutions oriented. Willing to take on challenges while adapting to an ever-changing global threat landscape across our global brands.
TECHNICAL COMPETENCIES (KNOWLEDGE, SKILLS, ABILITIES)
- Expert in at least one of the following programming languages (C, Java, or Python).
- Well versed in network security, security policies, cryptography, authentication, and secure communication protocols.
- Must be able to review and design rules and policies on firewalls, including web application firewalls (WAFs) in coordination with the network team with a strong understanding of application data.
- Experience in installation and configuration of endpoint security tools such as antivirus and EDR, configuration management, and asset recognition.
- Ability to design and build enterprise monitoring capabilities.
- Expert knowledge of Security Information & Event Management systems (SIEMs) such as ArcSight or Splunk.
- Complete command on dealing with security systems, intrusion detection systems (IDS), intrusion prevention systems (IPS), firewalls, anti-virus software, log management, authentication systems, content filtering, etc.
- Strong technical knowledge of on prem and Cloud environments including Windows, Linux, SQL and Hana database, MS Azure, VMware, Nutanix, etc.
- Work experience in cybersecurity designs for systems, networks, and multi-level security requirements or requirements for processing multiple classification levels of data.
- Knowledge of risk management processes and experience in conducting risk assessments.
- Familiarity with the application of privacy principles to organizational requirements.
- Exceptional written, oral, and interpersonal communication skills.
- Ability to work and collaborate in a global-team and global-brand environment.
- Ability to effectively work, collaborate, and communicate with global business teams to define project requirements and deploy projects and train end users for major projects.
- Ability to meet tight deadlines and to prioritize tasks.
- Innovative thinker who is self-directed and resourceful.
EDUCATION AND EXPERIENCE
- Bachelor’s degree in Computer Science or equivalent work experience.
- Minimum 8 years in IT, with 5 years of information security experience across a combination of Antivirus, EDR, IDS/IPS, Firewall, SIEM, FIM, Database, and application monitoring technologies.
- Minimum 3 years’ experience in leading technical teams.
- Experience and proven track record working on large scale, global, enterprise information security projects and programs.
- Proven work experience as an information security manager, architect, and/or engineer. Experience in using software / hardware / networking tools for White-Hat Hacking is a plus. Hands on Linux and Windows Administrator functions.
- Previous experience working in a highly regulated industry that collects personally identifiable information (PII).
- Experience with Incident Response (IR), forensic, and “hunting” for security events.
- Security certifications, such as AWS Certified Solutions, PenTest+, OSCP, would be a plus.
- CSSP, CCSP, CISSP, CISM or similar certification required.
- Strong knowledge and competence in a variety of industry and regulatory frameworks for cybersecurity, data privacy, and IT such as ISO 27001, ISO 27017, PCI-DSS, SOX-404, NIST CSF, NIST SP 800-53/ITSG-33, CCPA and CPRA, GDPR, ITILv3, SOC 2, and SOC 3.
PHYSICAL REQUIREMENTS / WORK ENVIRONMENT (if applicable)
- Work is performed in a designated professional office workstation and environment.
- Extensive use of office equipment to include computer, calculator, copier, fax, and other business related machines and software.
This job description indicates in general terms, the type and level of work performed as well as the typical responsibilities of employees in this classification and it may be changed by management at any time. Other duties may also apply. Nothing in this position description changes the at-will employment relationship existing between the Company and its employees. Distribution of this item outside of the Company without an authorized release is a violation of Company policy.