Overview
The Cybersecurity Director is responsible for leading a team to implement, maintain, monitor and manage secure solutions. The director will be responsible for firewall management governance, cybersecurity engineering and architecture. The director delivers these solutions in accordance with the organization’s architectural designs, best practices, and regulatory or compliance requirements. As risks change, the director is responsible for recommending modifications and enhancements to ensure the organization is evolving with the threat landscape. The director role is responsible for architecting, implementing, and advising a secure cloud infrastructure supporting business needs. The position will architect secure infrastructure and applications that align with business and cybersecurity strategies to support a fast-paced environment. This role will support the progressive needs of the business and provide timely, secure and cost-efficient solutions that elevate the company’s cloud security posture.
The role requires technical knowledge of cloud computing architecture, security principles and cybersecurity best practices. This role must be proficient in cybersecurity and systems administration across a wide variety of infrastructure types (SaaS, IaaS, PaaS). Additionally, demonstrated experience with AWS, Microsoft Azure, Oracle, Google Cloud and other cloud solutions is preferred.
The director is expected to help execute the corporate security strategy with the CISO, Deputy CISO, security leadership and other senior security staffers and technologists. Recipients of the network implementations and management include IT infrastructure, application development, security operations, security audit and end users. With an emphasis on securing systems, applications, third-party connections, service providers and ancillary systems, the security engineer is responsible for securing business-to-business initiatives, third-party relationships, outsourced solutions, and vendors. Considered a highly knowledgeable individual, the security engineer is expected to implement, monitor, and manage secure solutions that address modern day issues.
Essential Functions:
- Manage a team of security operators/responders and interact with cybersecurity leadership and business stakeholders.
- Implement a cross-functional team working closely with cybersecurity, IT and developers.
- Handle day-to-day leadership of implementation, monitoring and operational support of hardware, managed solutions and service provider relationships.
- Support cloud security architecture for SaaS, PaaS and IaaS.
- Recommend and implement cloud security tools and controls.
- Use cloud security tools for asset discovery, cloud workload protection platform (CWPP), control plane configuration and cloud security posture management (CSPM).
- Develop, maintain and enforce cloud security policies and procedures, as well as best practices for following standards such as FedRAMP, Cloud Security Alliance, SOC 1/2/3, CIS and NIST SP 800 series.
- Communicate the state of cloud security posture to cybersecurity leaders, stakeholders, IT and developers.
- Stay up to date with cybersecurity threats, risks and vulnerabilities with potential impact to services.
- Collaborate with IT and cybersecurity leadership to develop practices to reduce attack surface, as well as countermeasures to impede internal threats and external attackers.
- Define key performance indicators, objectives and key results, and metrics to illustrate efficacy with cloud infrastructure and applications.
- Actively participate and lead security team meetings that facilitate secure network design and execute to the guidance on the network infrastructure.
- Engage in information security projects that evaluate existing security infrastructure and propose changes as defined by security leadership and architects. Additionally, deliver projects on time, within budget and in accordance with service level agreements (SLAs).
- Assist with incident response and system stability issues as they occur. This may include involvement outside of regular work hours, and responsiveness is expected.
- Work in tandem with architects, the security operations center (SOC), incident responders (in cases of anomalous activity and host compromise), and technology infrastructure and development team members.
- Respond to and handle service and escalation tickets within SLA expectations.
- Participate regularly in change project and change management meetings.
- Research, validate and deploy solutions meeting security and business needs.
- Focus on driving security efficiencies, enabling security team members to work on more advanced tasks.
- Conduct performance testing to stress the limitations of security solutions while at the same time ensuring business innovation and day-to-day processes are not negatively impacted.
- Perform other duties as assigned.
Required Qualifications:
Education:
- Bachelor’s degree preferred in Cybersecurity, Information Technology, Computer Science, Information Systems, or a related field.
Experience:
- At least 10 years’ experience in IT and security operations
- 5 years leading a technical cybersecurity team
- 3 years cloud experience
Licenses:
Preferable, but not required: CISSP, CISM, CRISC, CISA, GCIH, GCFA, GCFE
Preferred Qualifications:
Education:
- Bachelor’s degree preferred in Cybersecurity, Information Technology, Computer Science, Information Systems, or a related field.
Experience:
- At least 10 years’ experience in IT and security operations
- 5 years leading a technical cybersecurity team
- 3 years cloud experience
Other:
- Demonstrated experience as a team lead, managing people, as well as technology.
- Functional use with cloud tools (CWPP, CSPM, cloud-native application protection platform) and automation (Chef, Puppet, Salt, Ansible).
- Proficient in one or more: Terraform, Kafka, Kubernetes, scripting (Python, JavaScript, Bash).
- Proven use with zero trust network access, encryption, web application firewalls, data protection, vulnerability management, API security, IaC.
- Ability to influence technical team and business units and collaborate to reduce attack surface.
- Knowledge in one or more: NIST 800-144, CIS, CSA-CCM, ISO (27040, 27017, 27001).
- Capacity to comprehend complex technical infrastructure, managed services and third-party dependencies.
- Applicable knowledgeable as needed about FISMA, GDPR, PCI, CCPA, HIPAA, GLBA, Regulation P, NYDFS, etc.
- Strong written and oral communication skills across varying levels of the organization.
Licenses:
Preferable, but not required: CISSP, CISM, CRISC, CISA, GCIH, GCFA, GCFE
Benefit Information:
ABM offers a comprehensive benefits package. For information about ABM’s benefits, visit:
https://www.abm.com/wp-content/uploads/2023/11/2024-Recruitment-Staff-Mgmt-11.6.23.pdf