Director of INFOSEC and Cyber Security

DUTIES AND RESPONSIBILITIES :

The full job description covers all associated skills, previous experience, and any qualifications that applicants are expected to have.

• Develops and maintains a complete understanding of Aligned’s technologyand information systems.
• Directs the development and maintenance of Incident Response Plans andCybersecurity procedures for information technology.
• Maintains current knowledge of the cyber security industry, digital privacyregulations, and standards for all regions.
• Identifies and communicates current and emerging security threats.
• Directs the architecture, design, build, implementation, and support ofenterprise-class security systems based on the Center for Internet Security(CIS) controls and related standards.
• Designs security architecture elements to mitigate threats as they emerge.
• Anticipates stakeholder needs to discusses potential security and privacysolutions.
• Oversees and analyzes security assessments, including security programreviews, penetration testing, vulnerability testing, risk analysis, and providerecommendations related to findings.
• Create solutions that balance business requirements with information andcybersecurity requirements.
• Review and recommend security configuration and policies for firewalls, VPNsystems,routers, IDS scanning technologies, servers, computers, mobiledevices, audio / visual devices, IOT and IT systems.
• Ensures integration of projects and adjusts project scope, timing, andbudgets as needed, based on the needs of the organization.
• Reviews and analyzes system logs, security tools, and network traffic forunusual or suspicious activity and makes recommendations to restore secureoperations.
• Reviews and tests new security software, tools and / or technologies todetermine applicability to operations.
• Directs ongoing interviews and assessments with internal groups andmanagement for the purpose of learning how employees interact withtechnology and to integrate cybersecurity measures.
• Works closely with internal auditing, legal, and IT teams to ensure compliancewith applicable legal, regulatory, and industry requirements (e.

g., FERPA,HIPAA, PCI-DSS, FIPS, NIST, CISA, ISO 27001, etc.).

• Works with Senior Leadership to formulate a comprehensive, strategictechnology plan that is consistent with the overall business objectives andbudgetary considerations.
• Oversees annual operating and capital budgets for all security platforms andhardware.
• Manages suppliers and vendors for information security and cyber security.

Qualifications :

• Equivalent experience or graduation from an accredited 4-year college or universitydegree in a job-related field of study.
• Five (5) years of experience responsible information security and cyber securitymanagement.
• Practical experience in Red, Blue, and Purple INFOSEC tasks and roles.
• Experience deploying and managing cyber security, digital privacy, and informationsecurity solutions for remote access, identity access management, and cloud basedservices.
• Experience leading ITIL V4 based processes (incident, change, problem, root causeanalysis).

Preferred Credentials

• CISSP- Certified Information Systems Security Professional
• GSLC- GIAC Security Leadership
• CISM- Certified Information Security Manager
• CCSP- Certified Cloud Security Professional

Preferred Clearences

• SCI / SAP L Clearence
• SCI / SAP Q Clearence
• Completed & Cleared DCSA Background

We know how to fine-tune corporate security because we've led effective and efficient Fortune 500-level security programs.

The SEC helps businesses find the best balance of risk mitigation, cost and innovation.

Want insight delivered to your inbox? Subscribe to Security Insight newsletter.

J-18808-Ljbffr