To perform this job successfully, an individual must be able to perform each essential function satisfactorily. Reasonable accommodations may be made to enable qualified individuals with disabilities to perform the essential functions. Other duties may also be assigned. Leadership Build and maintain strong stakeholder relationships across the enterprise Partner with stakeholders to create efficient risk management strategies in their areas to ensure best possible customer experience and/or business objective can be achieved Ensure the Security team is resourced adequately with relevant skills and capabilities to deliver the security program and future security needs in line with budget requirements Collaborate with Technology Leadership team to deliver on their business objectives Work closely with enterprise leaders to build confidence, empowerment and accountability in addressing security risks within their areas Ensure the efficient and effective security infrastructure across the enterprise Co-create and deliver the security budget Security Program Act as the overall security engagement lead that is responsible for project management, team sourcing and coordination, overall delivery of the program, engagement economics and IT client endorsement Provide consulting analysis and maintain an excellent IT client relationship experience Support management with practice development and other strategic or operational responsibilities Responsible for mentoring and training team members and handling complex projects Provide regular updates to cross-functional leaders/managers and the executive team (as warranted) Co-develop key initiatives and strategies roadmap Responsible for maturing security program and capabilities across the organization Responsible for providing summarized visibility of our cyber risks to the management team and functional leaders across the business whilst empowering the accountable parties Ensure the implementation of sustainable and efficient tools/solutions across the enterprise while balancing the needs of the IT user vs standardization/maintainability Monitor the TAMKO environment for security weaknesses, abuse, fraud, and exploitation Discover and respond to threats as they occur Review, manage, and implement changes in various security systems Review, manage, and remediate vulnerabilities Lead technical aspects of red team/blue team exercises Oversee and manage technical 3rd parties (penetration testing, etc) Participate in the design, analysis, and implementation of efficient security systems and software Assist with the evaluation and testing of new security technologies Gather feedback from IT clients to adjust and improve deployed security mechanisms Responsible for creating and publishing hardening guides and ensuring alignment across the enterprise with industry best practices Responsible for implementation of ITGCs (IT General Controls), mitigating controls and liase with users across the enterprise to architect solutions that mitigate risk and provide an elevated user experience Required Education and Experience Bachelor’s degree in an information technology discipline or equivalent combination of education and experience Significant experience in cyber security consulting and CISSP Experience with industry-leading frameworks (CIS, NIST, ISO) and auditing against those frameworks Position Requirements Windows and Unix-like OS Proficiency Ability to discover and respond to active security incidents or potential threats and responsible for subsequent forensic activities Ability to review and safely implement changes in security systems Ability to identify and remediate network vulnerabilities Experience applying security patches in an industrial network Strong working knowledge in the following technologies, including exploits, vulnerabilities and weaknesses: Firewalls Endpoint Security Physical Security Web Application Firewalls (WAF) Identity/Access Management Vulnerability Testing Public and Private Cloud Architecture & Security Thorough knowledge of penetration testing, exploitation, remediation and mitigating controls Excellent communication skills Proficient in Microsoft Office products Advanced analytical skills Advanced knowledge of project management principles, practices, and procedures Ability to deliver presentations to senior leadership Ability to develop proposals Ability to be self-motivated and directed Ability to work collaboratively within a team, cross-functionally and to foster teamwork Ability to work across different time zones Physical Requirements/Work environment The physical requirements/work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job. Reasonable accommodations may be made to enable qualified individuals with disabilities to perform the essential functions. While performing the duties of this Job, the employee is regularly required to remain in a stationary position for long periods. The employee is frequently required to operate a computer and other office equipment, such as a copy machine, calculator, and computer printer. The employee needs to occasionally move about inside the office to access file cabinets, office machinery, greet visitors, attend meetings, etc. The noise level in the work environment is usually moderate. This job description is subject to change at any time.
Self-motivation Analysis Communication Manager Mentoring risk management Security Collaboration Training penetration-testing Windows Design Systems implementation Presentation skills Engineering Firewalls Cybersecurity Leadership Project management