empty

IT Security Lead

Cryoworks

Job Description

Posted on: 
November 18, 2024

Summary and company overview

Position Summary:

The Security and Documentation Lead will be responsible for overseeing security systems, firewall management, physical security systems, and technical writing to ensure compliance with the Cybersecurity Maturity Model Certification (CMMC). The ideal candidate will have a strong background in IT security, hands-on experience with security systems, and excellent technical writing skills.

Company Overview:

NA

Responsibilities

  • Security Systems Management:
  • Manage and administer security systems, including intrusion detection/prevention systems (IDS/IPS), antivirus software, and security information and event management (SIEM) tools.
  • Monitor security alerts and incidents, investigate security breaches, and implement corrective actions to mitigate risks.
  • Conduct regular security assessments as required by GIS (Global Information Security Team) and audits to identify vulnerabilities and ensure compliance with security policies and standards.
  • Incident Management
  • Create and Manage Incident Management Processes and Procedures
  • Prioritizing incidents according to their urgency and influence on the business.
  • Communicating with upper management.
  • Network Access
  • Manage Beyond Trust for Admin and Vendor Access
  • Manage VPN Access including 2 Factor Authentication.
  • Security Systems:
  • Oversee the installation, maintenance, and monitoring of physical security systems, including access control systems, surveillance cameras, and alarm systems.
  • Collaborate with facilities management and security personnel to ensure the integrity and effectiveness of physical security measures.
  • Conduct periodic assessments and tests of physical security systems to identify vulnerabilities and recommend enhancements.
  • IT Asset Management:
  • Develop and maintain an inventory of all IT assets, including hardware, software, and digital resources.
  • Track the lifecycle of IT assets, from procurement to disposal, ensuring adherence to organizational policies and procedures.
  • Implement best practices for asset management, including asset tagging, tracking, and auditing.
  • Collaboration and Training:
  • Collaborate with IT teams, security professionals, and other stakeholders to implement security best practices and address security-related issues.
  • Provide training and guidance to IT staff and end-users on security policies, procedures, and best practices.
  • Serve as a subject matter expert on security-related matters and participate in cross-functional projects and initiatives.
  • Firewall Management:
  • Configure, maintain, and troubleshoot firewall systems to ensure network security and compliance with regulatory requirements.
  • Develop and implement firewall rules and policies to control access to network resources and protect against unauthorized access and threats.
  • Monitor firewall logs and traffic patterns to detect and respond to security incidents and anomalies.
  • Physical Security Systems:
  • Oversee the installation, maintenance, and monitoring of physical security systems, including access control systems, surveillance cameras, and alarm systems.
  • Collaborate with facilities management and security personnel to ensure the integrity and effectiveness of physical security measures.
  • Conduct periodic assessments and tests of physical security systems to identify vulnerabilities and recommend enhancements.
  • Other:
  • Adopt a "Go to Gemba" mindset to observe and understand how the work happens.
  • Develop standard work documentation for IT processes and controls.
  • Follows ITIL processes for support, helpdesk, and administration.
  • Systematically work with business users to track helpdesk tickets in Jira or equivalent software.
  • Other Duties as assigned.

Job Requirements

Required Qualifications:

  • Must be a US Citizen
  • Bachelor’s degree in computer science, Information Technology, or a related field.
  • Relevant certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or Certified Ethical Hacker (CEH) preferred.
  • 5+ years of experience in IT security, with hands-on experience in security systems management, firewall administration, and physical security systems.
  • Strong technical writing skills, with the ability to communicate complex technical concepts effectively in written documentation.
  • Knowledge of cybersecurity regulations and standards, including CMMC, NIST SP 800-171, and other industry frameworks.
  • Excellent analytical and problem-solving skills, with the ability to assess security risks and develop effective mitigation strategies.
  • Strong interpersonal and communication skills, with the ability to collaborate effectively with cross-functional teams and stakeholders.
  • Ability to conduct research into systems issues and products as required.
  • Ability to communicate ideas in both technical and user-friendly language.
  • Highly self-motivated and directed.
  • Ability to effectively prioritize and execute tasks in a high-pressure environment.
  • Strong customer service orientation with demonstrated business partner influence.
  • Ability to thrive in a highly matrixed organization where boundaries are sometimes unclear. Working well across teams, functions and organizations.
  • Ability to travel up to 20%.

Preferred Qualifications:

  • Relevant certifications such as Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), or Certified in Risk and Information Systems Control (CRISC) preferred.
  • Vendor Management experience
  • Technical Certifications
  • Process & Change Management expertise.
  • Intermediate to advanced Excel skills
  • 7+ years of overall experience

Additional commentary

  • Competencies:

  • Track record of driving incremental change via process and/or IT tools

  • Ability to translate technical IT terminology into simple business speak.

  • Integrity and ethical qualities of the highest standard and comfort in raising awareness to concerns up the leadership chain of command.

  • Self-starter with desire to foster a sense of urgency when addressing customer and business concerns.

  • Demonstrated commitment to continuous improvement and employee productivity.

  • Must demonstrate strong analytical and problem-solving thought process.

  • The ideal candidate will have the interest and aptitude for continued professional growth. He/she will possess the competencies and aspirations to progress in functions and levels beyond IT operations site leadership

  • Opportunities at CRANE:

  • Personal development – Work with other high-energy individuals and technical experts in a cross-functional, results focused environment.

  • Technical development – Opportunity to refresh, refine, or enhance technical skills with certifications or classroom courses.

  • Career advancement – Natural candidate for regional operations lead, business systems analyst, or project manager track

Summary and company overview

Position Summary:

The Security and Documentation Lead will be responsible for overseeing security systems, firewall management, physical security systems, and technical writing to ensure compliance with the Cybersecurity Maturity Model Certification (CMMC). The ideal candidate will have a strong background in IT security, hands-on experience with security systems, and excellent technical writing skills.

Company Overview:

NA

Apply now