• Augment and maintain a strategic, comprehensive enterprise information security and IT risk management program to safeguard computer systems, networks, and data and achieve company security goals
• Develop incident response plans and procedures to ensure timely resolution of security incidents, conduct forensic investigations, and present impacts to company leadership
• Develop technical solutions and new security tools to mitigate and prevent security vulnerabilities and automate tasks.
• Configure and troubleshoot security infrastructure devices (firewalls, VPNs, IDS/IPS, etc.)
• Lead the information security team or employ trusted vendors to conduct regular security audits, vulnerability assessments, and penetration testing.
• Provide leadership to the information security team, including hiring, training, and professional development.
• Develop, implement, and enforce security policies, procedures, and guidelines.
• Provide education and foster a culture of security awareness and compliance throughout the organization to enhance overall security posture and resolve security vulnerabilities.
• Collaborate with cross-functional teams to assess and mitigate security risks associated with projects and initiatives.
• Share emerging security threats, trends, and technologies and ensure policies are reviewed and updated regularly to reflect evolving dangers

Required Skills:

• Attention to Detail: Keen attention to detail to identify subtle signs of security breaches or vulnerabilities.
• Analytical Skills: Ability to analyze security systems and seek out vulnerabilities before they can be exploited.
• Teamwork: Ability to work collaboratively with other IT professionals to ensure the security of all technology systems.
• Continuous Learning: Commitment to staying current with the latest security threats, technologies, and trends.
• Written and verbal communication skills.
• Leadership: Strong leadership skills to manage and guide the security team effectively.
• Communication: Excellent communication skills to articulate security and risk-related concepts to a broad range of technical and non-technical staff.
• Strategic Planning: Skills in developing and implementing comprehensive security strategies, policies, and plans.
• Risk Assessment: Ability to perform risk assessments and respond to incidents effectively.
• Vendor Management: Skills in managing relationships with vendors to ensure that service agreements are met and that the vendors are adequately addressing the needs of the organization.
• Vulnerability Scanning: Knowledge of conducting and interpreting vulnerability scans.
• Problem-Solving: Strong problem-solving skills to swiftly respond to security incidents and complex issues.
• Project Management: Experience in managing projects, including budgeting and resource allocation.
• Risk Management: Ability to identify, evaluate, and mitigate risks, ensuring that internal cybersecurity policies and procedures meet the company's business objectives and regulatory requirements.
• Vendor Management: Skills in vendor negotiations and managing relationships to ensure that service agreements are met and that the vendors are adequately addressing the needs of the organization.

Required Security Skills and Experience:

• Minimum of 5 years of experience in IT Security Role with a combination of risk management, information security, and data protection.
• Strong understanding of network protocols, secure network design, firewalls, intrusion detection/prevention systems, encryption, endpoint security, authentication systems, log management, and antivirus software.
• Experience with security incident response and forensic investigation.
• Experience with cloud security architectures and hybrid environments including Azure, M365, AWS.
• Experience with Cloud Computing/EaaS/IaaS/PaaS/SaaS technologies.
• Experience with IAM (Identity and Access Management)
• Experience designing, implementing, and maintaining a Zero Trust Architecture security model.
• Experience with Security Information and Event Management (SIEM) tools for real-time analysis of security alerts
• Experience with DevOps and security automation.
• Experience with scripting and automation to streamline security processes and tasks, including PowerShell.
• Exposure to the following technologies:
  • .NET/C#
  • SQL Server
  • Python
  • Mobile App Development
  • JavaScript
  • TypeScript
  • AWS/Azure
  • Octopus Deploy & Jenkins
  • Node.js
  • Azure DevOps
  • API Managers
  • VMWare

Preferred Security Skills and Experience:

• Knowledge of regulatory compliance requirements for PCI.
• Knowledge of common information security management frameworks, such as ISO/IEC 27001, GDPR, and NIST.
• Detailed technical knowledge of database and operating system security.
• Designing, implementing, and maintaining security measures for the protection of M365 environments.
• Familiarity with Windows administration, basic scripting, O365, Azure, Intune, , and Multi-factor authentication solutions.
• Microsoft 365 Security, Compliance, and Endpoint Management Platform: Strong experience Defender, Defender for Endpoint Purview, Defender for O365, Intune and Autopilot.
• M365 Identity Management Platform: Strong experience with Microsoft Entra (Azure AD), Entra Connect (AD Connect), Conditional Access, Multi Factor Authentication.

Preferred Certifications:

• Certified Information Systems Security Professional (CISSP)
• Certified Information Security Manager (CISM)
• Certified Information Systems Auditor (CISA)
• Certified Ethical Hacker (CEH)
• Certified Cloud Security Professional (CCSP)
• Payment Card Industry Professional (PCIP)

Education:

• Bachelor's Degree: Information Technology, Information Security, Computer Science, or a related field.

Schedule:

• Full time
• Monday-Friday, 9AM-6PM
• As a leader in the organization the successful candidate must be available for nights and weekends as need for business needs.

Benefits:

• All full time employees are eligible for employer-sponsored medical, dental, life insurance, AD&D, STD/LTD
• 401K with employer match
• Free food and beverage program with onsite cafeteria
• Free onsite gym
• Casual dress policy