Job Summary: 

• Responsible for all aspects of Information Security, including data privacy, security policies, and strategic prioritization of security initiatives.
• Lead development, implementation, and maintenance of information security infrastructure and processes that align with security and data privacy needs.
• Ensure that all security monitoring systems and processes are functional and effective.
• Actively participate in the service development lifecycle to ensure developers are trained in and follow secure coding practices as well as privacy-by-design standards.
• Monitor changes in global industry-relevant legislation and accreditation.
• Maintain and enhance the Security Incident Response Plan, test the effectiveness of the program, and coordinate incident response across the company.
• Drive ISO27001, SOC2, PCI, and SOX Information Technology General Controls (ITGC) implementations as well as other certifications that meet organizational needs.
• Lead compliance with programs such as General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).
• Present ongoing updates and analysis to the Audit, Risk, and Compliance Committee and the Leadership team.

Skills on Resume: 

• Information Security (Hard Skills)
• Data Privacy (Hard Skills)
• Security Infrastructure (Hard Skills)
• Incident Response (Hard Skills)
• Secure Coding (Hard Skills)
• Regulatory Compliance (Hard Skills)
• Risk Communication (Soft Skills)
• Strategic Prioritization (Soft Skills)

Job Summary: 

• Own various aspects of Information Security, including Application Security, Cloud and Network Security, and Corporate Security.
• Maintain and enhance the current information security program in place at the organization.
• Identify the highest priority risks and address them in conjunction with the Engineering and Business Operations teams.
• Serve as the primary point of contact with third-party security vendors.
• Provide information security awareness training to organization personnel.
• Oversee information security audits performed by the organization or third-party vendors.
• Hire additional Information Security team personnel as needs are identified.
• Evaluate departmental budget and costs associated with maintaining the organization’s information security program.
• Balance security risk and product advancement effectively.
• Oversee penetration testing.

Skills on Resume: 

• Information Security (Hard Skills)
• Application Security (Hard Skills)
• Cloud Security (Hard Skills)
• Network Security (Hard Skills)
• Risk Management (Hard Skills)
• Vendor Management (Soft Skills)
• Security Training (Soft Skills)
• Audit Oversight (Hard Skills)

Job Summary: 

• Be a security subject matter expert and respond to any internal security engineering questions/requests.
• Build threat models.
• Report regularly to senior management on the current status of business systems, highlighting key security and compliance issues.
• Work closely with internal and external stakeholders to see issues through to resolution.
• Research and evaluate emerging security threats and ways to manage or mitigate them.
• Arrange testing and evaluation of the existing suite of security-related products.
• Plan and organize play days or ethical hacking days to test current protection levels and identify weaknesses.
• Assist in conducting security audits and detail recommendations, improvements, and corrective actions.
• Perform day-to-day operational monitoring and remediation of security threats and vulnerabilities via logical security tools and products.
• Manage and develop a team of 2-3 analysts.

Skills on Resume: 

• Security Expertise (Hard Skills)
• Threat Modeling (Hard Skills)
• Security Reporting (Hard Skills)
• Stakeholder Collaboration (Soft Skills)
• Threat Research (Hard Skills)
• Product Evaluation (Hard Skills)
• Ethical Hacking (Hard Skills)
• Team Management (Soft Skills)

Job Summary: 

• Identify, implement, and maintain InfoSec toolsets to appropriately protect systems and data.
• Lead and manage special information security projects such as planning upgrades, enhancements, and testing.
• Collaborate with support teams to report on the health of the environment.
• Lead and perform control self-assessments on critical software environments.
• Attest to the function of information security controls on an annual basis.
• Ensure systems security and integrity of data comply with federal and local laws.
• Work with the MSSP to provide security monitoring oversight through threat and risk analysis in a 24/7 environment.
• Monitor and ensure established processes are followed for collecting relevant data and performing necessary levels of analysis.
• Ensure security events are assigned and managed appropriately.
• Advise and develop a strategy for creating and maintaining InfoSec Standard Operating Procedures and recommend process improvements.
• Assist in vulnerability assessments prioritization, reporting, and remediations, collaborating with Operations staff and vendors to correct errors and alerts in IT infrastructure systems.

Skills on Resume: 

• InfoSec Tools (Hard Skills)
• Security Projects (Hard Skills)
• Environment Monitoring (Hard Skills)
• Control Assessment (Hard Skills)
• Regulatory Compliance (Hard Skills)
• Threat Analysis (Hard Skills)
• Process Improvement (Soft Skills)
• Vulnerability Management (Hard Skills)

Job Summary: 

• Manage a small team of Information Assurance Specialists.
• Lead delivery of IT Security assurance activities to ensure systems and services are ‘secure by design’ and ‘effective in operation’.
• Lead assessment of systems, services, and IT Security controls to provide independent analysis of compliance with Security Policy, standards, and external regulatory requirements.
• Analyze, create, and compile relevant assurance documentation to determine the compliance level of systems, services, and technical security controls with applicable accreditation and internal policy requirements.
• Engage with stakeholders to promote a mindset of developing secure systems and transfer knowledge of security standards and processes.
• Support the development and maintenance of business reporting and assurance documentation.
• Produce education and awareness material, including running phishing simulations.
• Support internal and external audit processes.
• Understand, test, and implement security plans, products, strategies, and control techniques.
• Lead or participate in security-related projects and strategy.

Skills on Resume: 

• Team Leadership (Soft Skills)
• Security Assurance (Hard Skills)
• Compliance Analysis (Hard Skills)
• Documentation Management (Hard Skills)
• Stakeholder Engagement (Soft Skills)
• Security Awareness (Soft Skills)
• Audit Support (Hard Skills)
• Security Strategy (Hard Skills)

Job Summary: 

• Own and lead the Vulnerability Management Program.
• Develop the vision, roadmap, and strategy to ensure operational effectiveness and continuous improvement.
• Collaborate with infrastructure, application, and engineering teams to create and prioritize action plans to address risk.
• Establish strong partnerships and trust across business units and external stakeholders.
• Work closely with the Information Security Operations Center (SOC) and Threat Intelligence teams.
• Establish plans for both routine and ad hoc assessments across the organization, including coordination of third-party penetration tests such as Purple Team and Tabletop Exercises.
• Create metrics reports, conduct regular meetings with stakeholders, and educate the business and management on risk.
• Drive standardization with an emphasis on automating repeatable processes using SOAR.
• Create policies, protocols, and standard operating procedures.
• Develop, monitor, and measure Key Performance Indicators (KPIs) to determine overall vulnerability management effectiveness and identify opportunities for improvement.
• Support strategic plans and projects while driving and supporting overall Information Security goals and objectives, including establishing a service roadmap.
• Lead a team of technical resources.
• Develop and mentor staff of varying skill levels.

Skills on Resume: 

• Vulnerability Management (Hard Skills)
• Security Strategy (Hard Skills)
• Risk Mitigation (Hard Skills)
• Stakeholder Partnership (Soft Skills)
• Penetration Testing (Hard Skills)
• Process Automation (Hard Skills)
• KPI Measurement (Hard Skills)
• Team Leadership (Soft Skills)

Job Summary: 

• Develop and maintain robust security controls to protect the business from security breaches and incidents.
• Deliver security demands from the business for the effective implementation of security controls.
• Ensure operational performance to deliver security controls at optimum cost.
• Maintain strong relationships with key stakeholders, including business units, IT departments, and security teams, to meet security requirements timely and effective manner.
• Engage with auditors to acquire and retain certifications and attestations.
• Support audits through timely responses, escalation management, gap analysis, and mitigation.
• Lead internal reviews and assessments of solutions, processes, procedures, and practices.
• Conduct supplier assessments to ensure compliance with security schedules.
• Manage the risk profile of IT systems.
• Drive education and awareness activities across platforms and Enterprise IT.

Skills on Resume: 

• Security Controls (Hard Skills)
• Operational Performance (Hard Skills)
• Stakeholder Management (Soft Skills)
• Audit Support (Hard Skills)
• Gap Analysis (Hard Skills)
• Supplier Assessment (Hard Skills)
• Risk Management (Hard Skills)
• Security Awareness (Soft Skills)

Job Summary: 

• Provide direction for Enterprise IT Security and Cybersecurity protection, and oversee technology governance and policies.
• Develop Enterprise IT Security strategy and awareness programs, define security architecture, and lead security incident response.
• Provide strategic risk guidance for IT projects, including evaluation and recommendation of technical controls.
• Develop, maintain, and publish up-to-date security policies, standards, and guidelines.
• Evaluate new cybersecurity threats and IT trends, and implement effective security controls.
• Oversee the development of security awareness programs.
• Evaluate potential security breaches, coordinate responses, and recommend corrective actions.
• Define and report on information security KPIs.
• Provide security project management and leadership to staff and external resources to achieve goals, improve efficiencies, and resolve problems.
• Maintain current knowledge of industry and regulatory trends and developments in enterprise technology.

Skills on Resume: 

• IT Security Strategy (Hard Skills)
• Security Architecture (Hard Skills)
• Incident Response (Hard Skills)
• Risk Guidance (Hard Skills)
• Policy Development (Hard Skills)
• Threat Evaluation (Hard Skills)
• Security Awareness (Soft Skills)
• Project Leadership (Soft Skills)

Job Summary: 

• Specialize in multiple security domains such as incident response, operational assessment of security posture, and general security management.
• Apply a thorough understanding of security management and security governance principles.
• Collaborate with external stakeholders, including law enforcement, auditors, testers, investigators, and intelligence partners.
• Monitor, evaluate, and adjust the organization to ensure success in managing security.
• Organize preparation of security status dashboards and present findings to executive management.
• Formulate long-term security policy for assigned domains.
• Manage security schedules of major global contracts and oversee supplier integration and secure service delivery as contracted.
• Manage all service delivery components and coordinate supplier teams delivering services.
• Build and evangelize security policies and best practices.
• Be responsible for hiring a world-class security team.

Skills on Resume: 

• Incident Response (Hard Skills)
• Security Management (Hard Skills)
• Stakeholder Collaboration (Soft Skills)
• Security Monitoring (Hard Skills)
• Executive Reporting (Soft Skills)
• Policy Formulation (Hard Skills)
• Service Delivery (Hard Skills)
• Team Building (Soft Skills)

Job Summary: 

• Define the organization’s security roadmap.
• Design, implement, and execute security solutions with hands-on involvement.
• Work directly with research teams to protect core assets.
• Lead compliance audits for internal security policies.
• Collaborate with practice teams and leadership on information security, data protection, governance, risk, and compliance activities, including client assurance, policy compliance, vulnerability management, risk assessments, and incident response.
• Anticipate security issues and actively work to prevent them from occurring.
• Serve as the security specialist for all Marketing & Sales solutions, managing risks and identifying opportunities for improvement.
• Work closely with Marketing & Sales leadership and centralized risk, cyber, and information security teams to ensure security systems reduce operational risk effectively.
• Ensure each solution adheres to internal policies and meets or exceeds current standards.
• Collaborate with business units to improve security awareness and ensure compliance with regulatory standards.
• Design, develop, and implement information security practices with a hands-on, dialogue-driven approach.
• Own certification projects such as ISO 27001.

Skills on Resume: 

• Security Roadmap (Hard Skills)
• Security Solutions (Hard Skills)
• Asset Protection (Hard Skills)
• Compliance Audits (Hard Skills)
• Risk Management (Hard Skills)
• Issue Prevention (Hard Skills)
• Security Awareness (Soft Skills)
• Certification Management (Hard Skills)