|Date Posted||March 13, 2019|
Responsible for overseeing the operating leadership in the development, implementation, and maintenance of all enterprise security and compliance policies, processes, practices, and systems. Works with the CISO and operating unit management teams to establish a cybersecurity framework and strategic roadmap for all key security programs. Provides guidance to the CISO regarding the required investment to develop and maintain a secure posture in the environment. Maintain the enterprise-wide situational awareness of information technology (IT) risk landscape. Directs all Cybersecurity Office associates to attain the company’s strategic goals.
- Establish and manage a qualified cybersecurity staff in 4 areas:
(3) Security Operations Center
(4) Incident Response Team
- Implement the strategy and vision for the company’s cybersecurity program.
- Maintain the enterprise-wide situational awareness of IT risk landscape by linking the business strategy to cybersecurity protections.
- Work in a consultative fashion with IT organization and business unit leadership to share the vision and operational requirements to improve the security posture.
- Design, implement, maintain, and develop strategic thought-leadership for multiple information security disciplines such as security policy, awareness and education, risk management, electronic discovery, digital forensics investigations, incident response, vulnerability management, intrusion detection and prevention, security event log analysis, encryption, IT regulatory compliance, and security operations.
- Define standardized processes, tools, and platforms for the timely and quality delivery of cybersecurity solutions in cooperation with other IT and business units.
- Provide leadership to department heads in a fashion that supports the company’s culture, mission and values.
- Establish cybersecurity capabilities and processes to protect company assets.
- Conduct research and case studies on leading edge technologies and makes determinations on the probability of implementation.
- Determine and document information security requirements, controls, and standards necessary for the protection of information resources.
- Acquire, manage, support, maintain, monitor, troubleshoot, and enhance security infrastructure tools, methodologies, software, and hardware.
- Develop and maintain an ongoing technical training program for staff.
- Work with company operating leadership to forecast and manage corporate budgets associated with SG&A, capital, maintenance/support, and hosted services.
Knowledge, Skills, and Abilities:
- Aptitude to think and act strategically, independently and proactively.
- Strong verbal and written communicator that can appropriately present complex concepts to technical teams and business peers.
- Lead the team in establishing and executing the roadmap and deliver quality results.
- Ability to lead teams in the development, implementation, and maintenance of cybersecurity services and tools.
- Demonstrated ability to build collaborative organizations working effectively in a cross-functional team environment.
- Ability to work professionally with confidential information.
- Proficient in NIST 800-53, NIST Cybersecurity Framework, and cybersecurity risk management programs.
- Manage financial resources within targets.
- Direct large group of highly technical professionals to maximum performance.
- Effective vendor negotiating skills for both purchasing and maintenance contracts.
- Bachelor of Science in related field and at least 10 years of experience in the Information Technology arena.
- 7+ years’ management and strategic experience leading security teams.
- Experience with corporate level budgeting processes.
- Experience with Strategic Planning and Execution.
- Computer operations, programing, and system design experience.
- CISSP certified candidates strongly preferred.
- MS and/or MBA.
- Five plus (5+) years of background functioning in a senior leadership role, major operating group or subsidiary with accountability for cybersecurity.
- Certification(s): CISSP, CISM, CISA, CRISC, PCIP, etc.
Standing, sitting, walking, speaking, listening, bending, reaching, pushing, pulling, lifting, grasping and manipulating tools, typing, using peripheral computer tools. May be required to lift up to 25 pounds.
It is the Company’s policy to provide equal employment opportunity to all individuals. Securus will not discriminate against any associate or qualified job applicant with respect to any terms, privileges, or conditions of employment because of that person’s race, color, religion, sex, national origin, age, disability, veteran status, or any other characteristic or status protected under local, state or federal law, ordinance or regulation.