Responsible for Management and Operations of security environment including: log management, vulnerability scanning, web application firewalls and network firewalls. Will oversee all security operations processes, threats and incident management. Must have strong, current Technology Security experience, not just IT Operations experience. This is not an IT Operations position with some Security responsibilities - it is a Security position with Technology responsibilities.
· Manage the design and implementation of all operational security processes and technologies including data center, network, cloud and mobile and ensure that they are in line with industry best practices.
· Design and maintain security controls, protocols and practices across the enterprise while ensuring compliance with regulatory and standards agencies (PCI, Sarbanes-Oxley, etc.).
· Design and manage IT Operations Security Roadmap and strategy including the security budget.
· Coordinate the use of external resources involved in the information security program
· Manage security incidents and events to protect corporate IT assets. Monitor the external threat environment for emerging threats, and advise relevant stakeholders of appropriate courses of action
· Define and improve the security of our computing environment including infrastructure and applications.
· Oversee identity and access management processes and policies to adhere to audit requirements and industry best practices.
· Coordinate with other technology stakeholders to evaluate, recommend and implement security related technology and change control process.
· Define and facilitate the information security risk assessment process, including the reporting and oversight of remediation efforts to address negative finding
· Ensures the confidentiality of sensitive information.
· Participates in special projects and performs additional duties as required.
· Bachelor Degree in a Technology related area, Advanced Degree a plus.
· Strong, current hands-on experience as a Senior, Lead or Manager of a Security Department or Operation
· Experience in a combination of Risk Management, Information Security and related IT roles leading Security Reviews or similar projects
· Ideally will have at least one of the following Professional Security Management Certifications:
· CISSP: Certified Information Systems Security Professional
· CISM: Certified Information Security Manager
· CISA: Certified Information Systems Auditor (CISA)
· Other Certification or Credential
· Experience with contract and vendor negotiations
· Expert understanding of security concepts, principles and practices related to infrastructure architectures, applications, network, cloud and web
· Experience in developing information security policies and procedures, wide knowledge of technology attack points and exploits
· Ability to manage multiple projects under strict deadlines, as well as the ability to work well in demanding, dynamic environments while meeting objectives
· Ability to lead and motivate cross-functional teams to achieve tactical and strategic goals
· Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate security and risk-related concepts to technical and nontechnical audiences
This is a permanent, full time position. Not a Contract
All candidates MUST be local to Farmingdale, L.I., NY
Please do not apply if you are not local, even if you would pay your own relocation.
Relocation is NOT offered.
All candidates must be legally eligible to work in the United States without sponsorship and must reside locally. Sorry, No Visa Sponsorships or Transfers at this time. No 3rd Party Recruiters unless you represent a local candidate with these qualifications
RESUMES FROM OUTSIDE OF THE US WILL NOT BE READ