Job Type: Full-time employee
Job Location: Boston, MA area
Compensation: Base of mid $100’s plus bonus plans. (call for specific details)
Education: BS Degree and a Masters is a plus
Travel %: minimal
Relo Paid: Yes – case by case basis
Status: US Citizen or Green Card – Sorry, no Visa Sponsorship
SecurityHeadhunter.com, a Security Search Firm, has been selected to conduct a search for a top shelf AVP candidate to manage the Security Operations Center (SOC) for a fortune 500 organization.
As the selected candidate, you will have knowledge of INFOSEC best practices and be responsible for overseeing the overall state of security for the organization and for working with management to ensure that INFOSEC objectives are aligned with corporate risk tolerance and strategic goals. You will also be responsible for developing and keeping up to date security policies and procedures to ensure operational compliance.
You will need a minimum of 8+ years of IT experience with at least 5 years developing and implementing security policies / best practices within a multi-platform environment. You will need good project management skills and excellent oral and written communication skills. Managing staff for at least 4 years in technical leadership roles is required.
Additional responsibilities and duties include:
- Managing and mentoring a staff (2 direct and 25+ indirect) and developing them for future growth within the security department in additional to conducting performance appraisals, interviewing and proper discipline.
- As relate to the needs of the SOC and OGC (operational governance groups), oversee the development and management of RFP’s, expense budgets and business plans.
- Contributing to the design, maintenance and execution of Corporate Security Policy and Incident Response Plans.
- Reporting on the state of Security of the computing environment to the executive level.
- Must be knowledgeable of INFOSEC systems including SIEM platforms, firewalls, virus protection and vulnerability testing.
- Must be knowledgeable in a broad range of technologies including OS, mainframes, mid ranges and client server.
- Must be knowledgeable in SOX and PCI and understand how to deal with regulators when needed.
- Must be able to make appropriate recommendations (and coordinate implementation) on the design / purchase of security tools to be utilized by the SOC, Operational Governance and the Security Intelligence groups.
- Directing and creating remediation priorities based on level of vulnerability / scope of impact.
- Implementing policies that will ensure there are correct levels of scanning, monitoring, and incident response when needed.
- Developing procedures which will ensure there is as minimal impact and disruption to business operations and systems during any remediation of vulnerability issues.
- Providing the appropriate direction and methodology for forensic analysis and reporting.
- Developing and implementing security standards and procedures for controlling access / authentication to many systems and applications.
- Must maintain or create procedures to continually evaluate security administration standards and procedures to ensure compliance with best practice standards and audit requirements.
- Ability to partner with other departments and groups to understand the user needs for access to corporate data and applications and ensuring that data has been appropriately classified as public, private, sensitive, or confidential.
- Reviewing and evaluating projections on the needed resources for INFOSEC projects (i.e. capital costs, FT staff, contractors, etc.)
- Reviewing and prioritizing INFOSEC projects portfolio.
- Partnering and/or working with other IT groups to secure participation from key people /contributors from other departments and notifying senior management for additional resources. Allocating resources as needed to support strategic company goals.
- Collaborating and working with other departments (App Dev, Systems, Infrastructure, Architecture, etc) to clarify INFOSEC expectations for securing systems to ensure adherence to policies and standards.
To be considered for this position, please contact Wils Bell directly at 407-365-2404 or email a confidential resume to: Bell@SecurityHeadhunter.com