Lead our information security monitoring and response posture through 24x7x365 monitoring, detection, and response
Drive our DevSecOps Security Operations Center — built on low-false-positive alerting, automated response, and AI — to the next level of maturity
Be accountable as an information security architect for supporting the information security program within IT and business initiatives
Management and leadership of Information Security personnel
Provide Information Security subject matter expertise and security consulting to IT projects and initiatives using information security standards, best practices and approaches, with an emphasis on application security
Develop Information Security requirements across the enterprise for data protection, network protection, and application protection and compliance with regulatory requirements for protection of information
Conduct threat analysis for systems or applications including analysis of current and known security exposures, planning for remediation of exposures, staged and planned penetration testing, vulnerability assessment, and analysis of results
Conduct research on best practices, emerging technologies and threats as it relates to Information Security
Act as subject matter expert on security related control testing, control remediation and incident response

Requirements

Bachelor of Science Degree in Information Technology or equivalent professional experience
CISSP certification or equivalent is highly desirable
SANS certifications or equivalent are desirable
CISA or additional security certifications are desirable
Minimum: 22 - 25+ years of work experience in multiple fields of Information Technology with an emphasis on Information Security
12+ years of this experience, directly in the Information Security field
5+ years experience in a leadership/management role directly leading people
Available to be on-call in support of leading a 24x7x365 SOC environment
Working experience with Intrusion Detection, Firewall Monitoring, System Monitoring
Working experience and ability to conduct application / system Penetration Testing / OWASP using industry standard tools
Extensive knowledge of Security Policy, Standards, Guidelines, and Process Development
Detailed knowledge of secure architectures and their design
Experience in an Commander role in security Incident Response processes
Detailed knowledge of web application development (Java, .Net, Secure configurations)
Working experience collaborating with development teams to understand and remediate application security vulnerabilities
Working experience and ability to conduct network vulnerability testing and remediation
Working experience and ability to conduct Threat Analysis
Strong knowledge of Virus, Worms and Other Malware (Prevention/Detection) and Incident Response
Strong knowledge of Encryption / Tokenization / Key Management
Strong knowledge of access control technologies
Excellent knowledge of Operating systems and platforms (UNIX, Windows, Virtualization, etc.)
Working knowledge of network security (Routing, switching, TCP/IP, DNS, Architecture, WLAN)
Working knowledge of state privacy laws and the PCI DSS
Ability to work with all levels of personnel within the IT department and departments external to IT, in a dynamic and challenging environment
Must consistently maintain a professional demeanor/attitude with all levels of management, employees, customers, and vendors to accomplish organizational goals; take action that respects the needs and contributions of others; take responsibility for actively participating and contributing to team efforts; acts as team facilitator when appropriate
Ability to communicate complicated concepts to both management and technical staff and thrive in a cross-functional matrix environment
Must be self-motivated and capable of working with minimal supervision and/or direction, and proactively manages their own workload
Must be accountable and take direction from supervisor, follow work rules, and keep required work schedules, which include regular and predictable job attendance
Well-balanced interpersonal skills are required
Knowledge of security technologies and their alignment into compliance controls

Benefits

Competitive compensation
Flexibility to work from anywhere in the United States for most positions
Paid time off (vacation time, sick time, 9 paid Company holidays, volunteer hours)
Incentive bonus programs (potential for holiday bonus, referral bonus, and performance-based bonus)
Medical, dental, vision, life, and pet insurance
401 (k) retirement savings plan with company match
Engaging work environment
Promotional opportunities
Education assistance
Professional and personal development opportunities
Company recognition program
Health and wellbeing resources, including free mental wellbeing therapy/coaching sessions, child and eldercare resources, and more

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

Intrusion DetectionFirewall MonitoringSystem MonitoringPenetration TestingVulnerability AssessmentThreat AnalysisApplication SecurityNetwork SecuritySecure ArchitecturesEncryption

Soft Skills

LeadershipCommunicationInterpersonal SkillsTeam FacilitationSelf-motivationAccountabilityCollaborationProblem-solvingAdaptabilityProfessionalism

Certifications

CISSPSANSCISA