Cyber Security Leader

Job Description

Job Description

Company Overview : Gexpro Services is a world-class Supply Chain Services outsource provider, specializing in developing and managing production inventory management programs.

Our managed inventory programs are designed to support manufacturing OEM’s with their engineered production material specifications, fulfillment, and quality requirements.

Retention Bonus : Gexpro Services is offering a retention bonus up to $1,000 paid in two increments following 90 and 180 days of employment for external applicants only.

Benefits : Gexpro Services offers a comprehensive benefits package that includes :

• Competitive compensation plus annual bonus
• Medical, dental, vision, life insurance and pet insurance
• Flexible Spending Accounts
• Employee assistance program and Health wellness programs
• 401(k) immediately with a competitive match.
• Several paid holidays and paid time off that includes personal, sick and vacation time

Cyber Security Leader Essential Responsibilities

• Partner with the IT team, MSP / MSSP and other key risk management stakeholders to plan and execute our broader cybersecurity strategy.
• Coordinate security, privacy, and risk assessments of our environment
• Use business acumen and strategic thinking to apply the right set of IT security and data privacy practices and standards that meets business need and risk philosophy.
• Author policies and partner with others to establish procedures relative to these security best practices.
• Conduct audits of security controls to ensure compliance with established practices and procedures.
• Develop and document analysis and response processes (playbooks).
• Coordinate tests of our incident response.
• Lead security and data privacy improvement projects as appropriate
• Performance management and relationship management of key IT security partners.
• Evaluate new cybersecurity threats and threat trends and develop effective security controls.
• Maintain current knowledge of the security industry and regulatory trends.
• Oversee security awareness programs.
• In partnership with our MSSP, coordinate responses to security breaches.
• Define and report on information security metrics.
• Create and maintains multi-year security and data privacy roadmap.
• Work with our MSP to roll out security patches to company devices.
• Coordinate completion of IT survey / audit responses.
• Lead SOX compliance efforts from an IT perspective.

Cyber Security Leader Skills, Knowledge, and Education Required

• Familiarity with standard network security technology solutions (i.e. firewall, router, VPN, WAF, etc.).
• Familiarity with the use of standard security technology solutions and processes such as access control, user provisioning, directory, SIEM, vulnerability management, Data Loss prevention solutions, anti-virus, single sign-on, auditing, PKI, and Cryptography.
• Familiarity with network protocols, network topologies, virtual infrastructure, network segmentation, operating systems, databases, applications, and mobile security.
• Project management skills.
• Familiarity with SOX IT controls.
• Understanding of privacy laws (GDPR & CCPA).
• Knowledge and experience in vulnerability and risk related security and regulatory frameworks including ISO 27001, NIST, and OWASP Top 20.
• Experience with IT vendor performance and relationship management.
• Communication - Strong written and oral communication skills, as well as presentation skills. Ability to communicate complex ideas in non-technical language.

Good listening skills and ability to fully understand concepts by asking good questions.

• Collaboration Skills.
• Business acumen - ability to separate high value initiatives from low value and articulate the difference.
• Influence - Needs to inspire confidence and credibility and be willing and able to influence others opinions where appropriate.
• Ability to interact with personnel at all levels of the company to obtain, analyze, and discuss business risk and solutions.
• Bachelor’s degree or equivalent experience.

Cyber Security Leader Skills, Knowledge, and Education Preferred

• Certified Information Systems Security Professional (CISSP)
• Certified Information Security Manager (CISM)
• Information Systems Security Architecture Professional (ISSAP)

DISCLAIMER : The preceding job description has been designed to indicate the general nature and level of work performed by employees within this classification.

It is not designed to contain or be interpreted as a comprehensive inventory of all duties, responsibilities and qualifications required of employees assigned to this job.

GSOperatingLLC is an EEO / Disabled / Veterans employer. All qualified candidates will receive consideration for employment without regard to any characteristics protected by law.