|Location||Riviera Beach, FL|
|Date Posted||November 28, 2019|
Contract to Hire
Reporting to the Chief Information Security Officer (CISO) of our Client, the Director, Security Architecture and Engineering (“Director”) will have accountability for designing, operating and optimizing the Cybersecurity Architecture and Engineering function.
The scope of the Director role includes establishment of a vision for the security program, security architecture function, standards and security awareness and training. Your responsibilities include the leadership of professional teams in several security domains, including Security Architecture, Application Security, Cloud Security, Identity & Access Management, & Public Key Infrastructure (PKI). In terms of teaming, the Director will lead a lean internal team that is supported by a leading Managed Service Provider (MSP) and other service providers. The Director will be responsible for defining security capabilities to protect company information assets that is supported by a strategy and roadmap.
- Thinks strategically – Sets direction aligned to the company’s business and security strategy, applying external and global perspective to meet our needs.
- Creates partnerships – Authentically builds trusted relationships and collaborates across diverse and multi-functional internal and vendor teams to successfully drive business objectives.
- Models our values – Creates a culture that promotes the company’s values and standards through role modeling, accountability and ownership of decisions.
- Drives results – Sets aggressive goals and is accountable for continuously driving improved performance, leading change and ensuring high standards.
Ownership of the Information Security Architecture function. This includes:
- Regularly partnering with the business and Digital teams to understand their strategic objectives /goals, technology needs, and emerging trends
- Setting overall cyber security architecture direction for the enterprise, to ensure consistency where practical
- Define enterprise level cyber security measures and reference architecture patterns, and manage traceability between business strategy and cyber security
- Provide technical guidance for designing security capabilities in a cloud and traditional MSP/outsourced IT environment.
- Work collaboratively with the Enterprise Architecture team to design and implement enterprise security capabilities into solution architecture
- Serve as an escalation point for security architecture decisions that span multiple business divisions.
Ownership of the Information Security Engineering function. This includes:
- Lead a team to engineer security tools / solutions to support data protection and transaction processing.
- Participates in major new system implementation projects to ensure that appropriate security controls are built into systems prior to production cutover.
- Contribute to cyber security roadmap development for enterprise level systems and ensure alignment with overall security strategy.
- Drives process improvement and control implementation projects in coordination with the larger Digital Technologies team.
Qualifications & Experience:
Demonstrated success in implementing an Information Security Framework, solution and service, from design, engineering through implementation for a reliable operation of a medium to large organization 12-15 years of broad technology or cybersecurity experience, especially as it relates to managing global information security programs. Expertise in designing, monitoring and optimizing security measures to protect information assets (including IP and transaction processing systems) in cloud-based solutions (IaaS, PaaS, SaaS) Experienced in designing and monitoring security services (e.g., security monitoring, access administration, data protection, etc.) by leveraging managed service provider (MSP) and cloud-based solutions Sound working knowledge of industry leading practices (ISO, NIST, SANS, COBIT, TOGAF) and legislative / regulatory compliance requirements (SOX, PCI, GDPR, etc.). Relevant security certification is desired (e.g., CISSP, SANS GSEC, CEH, CISM, etc.) Broad knowledge of Digital transformation initiatives, data management, operating systems and cloud platforms (e.g., Azure, GCP). Strong verbal and written communication skills Excellent analytical and technical skills. Bachelor’s degree and related field; advanced degree in management or a related technical field will be a plus.