Date Posted: April 7, 2018
Our client, located in Boston, MA, is looking for a security lead on their team. The candidate will oversee, guide and prioritize the sub team's work in systems requirements planning, systems security architecture, and continuous monitoring. The candidate will also support the Chief Information Security Office in security program management and security human capital management, and will serve as a liaison with IT partners to establish and maintain a daily working relationship.
Security Program Management:
- Perform necessary due diligence activities to determine third-party vendor adherence with IT compliance requirements.
- Serve as InfoSec Lead for initial detection, analysis, and investigation of security events to determine likelihood of compromise and respond according to Executive Information Security Incident Response processes.
- Advise the CISO by identifying critical security issues; recommending risk-reduction solutions.
Security Human Capital Management:
- Manage, mentor and implement professional development plans for direct reports, working closely with Human Resources.
- Assist in the management of a workforce by ensuring the fair and consistent application and strict adherence to the rules, regulations, collective bargaining agreements (if applicable) and policies of the Authority including the EEO, Anti-Discrimination and Anti-Harassment and Anti-Retaliation policies.
Systems Requirements Planning:
- Design and document security architecture guidelines and requirements.
- Maintain a current understanding of technology trends to participate in evaluation of potential technology improvements or shifts.
Systems Security Architecture:
- Lead the development and improvement of architectural and security designs.
- Serve as a subject matter expert to executive leadership on a range of cybersecurity best practices, architectures, solutions and technologies.
- Provide cybersecurity architecture services to business partners to ensure the secure delivery of all technology.
- Ensure architectures, technologies and solutions align with and integrate regulatory requirements and industry best practices.
- Analyze the effectiveness of IT control activities and report on them, with actionable recommendations, to the CIO, the CISO and IT managers.
- Bachelor's degree in a related technical or engineering field or supplemental professional experience.
- 7+ years of experience in an IT environment, with experience leading information assurance and security architecture teams, and managing and providing technical leadership for complex enterprise security projects.
- Deep understanding of vulnerability assessment and validation processes.
- Demonstrated ability to perform a risk-based approach to securing applications, databases, or infrastructure.
- Excellent verbal and written communication skills.
- Knowledge of the principles, practices and techniques of supervision.
- Knowledge of SIEM technology (QRadar preferred).
- Knowledge of NAC technology (Forescout preferred).
- Knowledge of or experience with a security architecture framework.
- Knowledge of the threat landscape, security threat and vulnerability management, as well as security monitoring and analytics.
- Knowledge of compliance frameworks and requirements such as PCI, HIPAA, SOX, etc.
License and/or Certification Requirements:
GSLC, CRISC, SSCP, CISSP, CISSP-ISSAP, CISSP-ISSEP, CEH, CompTIA Security+ or equivalent certification preferred.
Experis is an Equal Opportunity Employer (EOE/AA)