Employer: CCCi
Location: Atlanta, Georgia, United States
Job Description
Experience: 15 – 20 years
Compensation: $125,000.00 – $150,000.00
Degree: BA
Position summary:
CCCi’s client has an immediate opening for their Director of Global Security, located in Atlanta, GA. The global Information Technology Security Director is responsible for the management of information security
policies, procedures and technical systems in order to maintain the confidentiality, integrity and availability of our client’s information systems. This individual will be responsible for the global development, implementation and ongoing management of information security policies and systems for compliance. This position will work closely with technology, applications and business areas to ensure that security programs are implemented and maintained. Additionally, this individual will advise and collaborate with business units on business continuity, disaster recovery plans, physical security and audit and governmental compliance practices. The individual must have a strong security, network and applications knowledge as well as communication and leadership skills in order to develop and manage the delivery of security programs to the organization.
Key Areas of Responsibility:
- Design, develop and implement information security architecture in a large global multi-geography enterprise environment
- Develop, implement, monitor and enhance data security policies, procedures and standards
- Test and evaluate new technologies that will enhance the security of the enterprise
- Partner with business units and various groups within Interface to define secure technology solutions
- Performs information security risk assessments and serves as the internal auditor for information security processes including risk identification, risk mitigation, and documentation
- Work with data owners, IT teams, compliance and legal to classify all data and maintain appropriate access restrictions
- Participate in the testing and development of the organizations disaster recovery plan on an annual basis to ensure data and information security practices are maintained
- Initiates, facilitates and promotes activities to foster information security awareness within the organization by developing and/or deploy Education and Awareness Programs
- Direct and provide hardening guidance in operating system, databases and application security
- Leads incident response team and facilitate incident management and response across all platforms and generate management reports
- Monitors advancements in information security technologies, and changes in the industry that affect information security
- Administer and maintain network security systems such as Firewalls, IDS (intrusion detection system), A/V (anti-virus) and incident management
- Leads forensic / security investigations under the direction of legal and human resource departments
- Conduct vulnerability assessments (network, server, databases, application, etc.) and drive remediation
- Define and validate system security requirements.
- Implement secure systems / standards using ISO 27001 and ISO 17799/27002
- Audit and monitor IT Security Best Practices including:
- Firewall/Network Design
- Anti-Virus Strategy
- Platform Maintenance
- Intrusion Detection Monitoring
- System access ID
- Logon procedures and policies
- File transfer protocols
- Procedure and practices
- Identify and manage remediation efforts on vulnerabilities
- Develop Security awareness and training programs
- Provide guidance and advocacy regarding prioritization of infrastructure investments that impact security
- Develop, publish and maintain comprehensive company-wide information privacy and security strategy, plans, policy, procedures, and guidelines
- Ensure departments consider information security risks in both ongoing and planned operations
- Maintain relationships with local, state, and federal law enforcement and other related agencies
- Work with outside consultants as appropriate on required security and risk audits
- Create selection criteria for vendor products, tools and services related to information security
- Monitor and report on our client’s risk management activities and compliance
Basic Requirements:
- Bachelor’s degree in Management Information Systems, Computer Science, Engineering or related discipline.
- Local candidates only
- 15+ years of overall IT experience
- Must have Global Security experience to be considered. Manufacturing experience is highly desired
- 8 to 10 years in a combination of risk management, IT Leadership information security and information technology desired.
- One or more of the following certifications are preferred:
- CISM
- CISA
- CISSP
- CRISC
- HISP
- Must possess an understanding of security and control frameworks such as:
- ISO 27001
- COBIT
- COSO
- Sox
- PCI
- Must have a solid understanding of information technology and information security practices, including the areas of:
- Host security
- Platform architecture
- Network perimeter security
- Intrusion detection / prevention
- Application security modeling
- Physical security
- Systems integrity
- Continuity planning
- Experience in security policy and standards development, implementation and program review
- Ability to synthesize complex technology concepts and apply them to strategic, business level considerations
- Experience in Unix, Windows, Linux, TCP/IP, Storage devices, network devices, fail-safe strategies, system architecture, LAN and WAN methods and intranet/internet security environments including;
- Firewalls
- Intrusion detection
- Incident response
- Policy writing
- Vulnerability testing
- Operating system hardening
- Regulatory compliance
- Data classification
- Strong understanding of data center operations, critical dependencies and network infrastructure
- Extensive knowledge of security infrastructures, processes and implementations
- Experience in performing Cloud Computing vendor evaluations (SaaS, PaaS, IaaS)
- Knowledge of relational database design and architecture with experience in data administration and security methods with tier 1:
- ERP (Oracle, SAP, JDE etc.)
- Web application layers
- E-commerce
- SQL
- Knowledge of risk assessment methodologies
- Knowledge of forensic analysis methodologies and tools
- Knowledge of auditing methodologies and tools
- Experience in the areas of:
- Full life-cycle project management
- SLA
- Staffing and budgeting
- Onshore and offshore resource management
- 24/7 operations
- Outsourcing strategy
- Experience in:
- NDS/HIDS
- SEIM
- Log Management
- Patch Management
- Vulnerability Management
- eDiscovery
- Virtual Machine Security
- Experience in:
- Security Architecture
- Policies & Standards
- Risk Management
- Incident Response
- Data Discovery
- Classification
- Excellent organization and time management skills with a focus on a delivery, responsiveness, ownership and accountability
- Ability to manage stress well under difficult situations and when dealing with issues and project deadlines
- Strong interpersonal, communication, and customer-facing skills.
- Ability to understand and communicate technical concepts to a business audience.
- Ability to introduce and manage change within organizations.
- This person must be extremely hands-on as he/she will be the “go to” person for solution development and problem resolution
Basic Requirements:
- An advanced degree is preferred
Other
- Any offer of employment will be contingent on the successful completion of a comprehensive background check, drug screen, reference checks, finger print checks and others
- Unable to sponsor at this time
Desired Skills
Director of Security, Global, Firewall, Network Design, Anti-Virus Strategy, Platform Maintenance, Intrusion Detection Monitoring, System access ID, Logon procedures and policies, File transfer protocols, Procedure and practices, Identify and manage remediation efforts on vulnerabilities, ISO 27001, COBIT, COSO, Sox, PCI, Host security, Platform architecture, Network perimeter security, Application security modeling, Physical security, Systems integrity, Continuity planning, Manufacturing, Global Security, Security, CSO
How to Apply
http://www.cccitpeople.com/index.cfm?action=career_center&subaction=search_jobs
Position ID: 12162ALL
Location: Atlanta, Georgia, United States
Job Description
Experience: 15 – 20 years
Compensation: $125,000.00 – $150,000.00
Degree: BA
Position summary:
CCCi’s client has an immediate opening for their Director of Global Security, located in Atlanta, GA. The global Information Technology Security Director is responsible for the management of information security
policies, procedures and technical systems in order to maintain the confidentiality, integrity and availability of our client’s information systems. This individual will be responsible for the global development, implementation and ongoing management of information security policies and systems for compliance. This position will work closely with technology, applications and business areas to ensure that security programs are implemented and maintained. Additionally, this individual will advise and collaborate with business units on business continuity, disaster recovery plans, physical security and audit and governmental compliance practices. The individual must have a strong security, network and applications knowledge as well as communication and leadership skills in order to develop and manage the delivery of security programs to the organization.
Key Areas of Responsibility:
- Design, develop and implement information security architecture in a large global multi-geography enterprise environment
- Develop, implement, monitor and enhance data security policies, procedures and standards
- Test and evaluate new technologies that will enhance the security of the enterprise
- Partner with business units and various groups within Interface to define secure technology solutions
- Performs information security risk assessments and serves as the internal auditor for information security processes including risk identification, risk mitigation, and documentation
- Work with data owners, IT teams, compliance and legal to classify all data and maintain appropriate access restrictions
- Participate in the testing and development of the organizations disaster recovery plan on an annual basis to ensure data and information security practices are maintained
- Initiates, facilitates and promotes activities to foster information security awareness within the organization by developing and/or deploy Education and Awareness Programs
- Direct and provide hardening guidance in operating system, databases and application security
- Leads incident response team and facilitate incident management and response across all platforms and generate management reports
- Monitors advancements in information security technologies, and changes in the industry that affect information security
- Administer and maintain network security systems such as Firewalls, IDS (intrusion detection system), A/V (anti-virus) and incident management
- Leads forensic / security investigations under the direction of legal and human resource departments
- Conduct vulnerability assessments (network, server, databases, application, etc.) and drive remediation
- Define and validate system security requirements.
- Implement secure systems / standards using ISO 27001 and ISO 17799/27002
- Audit and monitor IT Security Best Practices including:
- Firewall/Network Design
- Anti-Virus Strategy
- Platform Maintenance
- Intrusion Detection Monitoring
- System access ID
- Logon procedures and policies
- File transfer protocols
- Procedure and practices
- Identify and manage remediation efforts on vulnerabilities
- Develop Security awareness and training programs
- Provide guidance and advocacy regarding prioritization of infrastructure investments that impact security
- Develop, publish and maintain comprehensive company-wide information privacy and security strategy, plans, policy, procedures, and guidelines
- Ensure departments consider information security risks in both ongoing and planned operations
- Maintain relationships with local, state, and federal law enforcement and other related agencies
- Work with outside consultants as appropriate on required security and risk audits
- Create selection criteria for vendor products, tools and services related to information security
- Monitor and report on our client’s risk management activities and compliance
Basic Requirements:
- Bachelor’s degree in Management Information Systems, Computer Science, Engineering or related discipline.
- Local candidates only
- 15+ years of overall IT experience
- Must have Global Security experience to be considered. Manufacturing experience is highly desired
- 8 to 10 years in a combination of risk management, IT Leadership information security and information technology desired.
- One or more of the following certifications are preferred:
- CISM
- CISA
- CISSP
- CRISC
- HISP
- Must possess an understanding of security and control frameworks such as:
- ISO 27001
- COBIT
- COSO
- Sox
- PCI
- Must have a solid understanding of information technology and information security practices, including the areas of:
- Host security
- Platform architecture
- Network perimeter security
- Intrusion detection / prevention
- Application security modeling
- Physical security
- Systems integrity
- Continuity planning
- Experience in security policy and standards development, implementation and program review
- Ability to synthesize complex technology concepts and apply them to strategic, business level considerations
- Experience in Unix, Windows, Linux, TCP/IP, Storage devices, network devices, fail-safe strategies, system architecture, LAN and WAN methods and intranet/internet security environments including;
- Firewalls
- Intrusion detection
- Incident response
- Policy writing
- Vulnerability testing
- Operating system hardening
- Regulatory compliance
- Data classification
- Strong understanding of data center operations, critical dependencies and network infrastructure
- Extensive knowledge of security infrastructures, processes and implementations
- Experience in performing Cloud Computing vendor evaluations (SaaS, PaaS, IaaS)
- Knowledge of relational database design and architecture with experience in data administration and security methods with tier 1:
- ERP (Oracle, SAP, JDE etc.)
- Web application layers
- E-commerce
- SQL
- Knowledge of risk assessment methodologies
- Knowledge of forensic analysis methodologies and tools
- Knowledge of auditing methodologies and tools
- Experience in the areas of:
- Full life-cycle project management
- SLA
- Staffing and budgeting
- Onshore and offshore resource management
- 24/7 operations
- Outsourcing strategy
- Experience in:
- NDS/HIDS
- SEIM
- Log Management
- Patch Management
- Vulnerability Management
- eDiscovery
- Virtual Machine Security
- Experience in:
- Security Architecture
- Policies & Standards
- Risk Management
- Incident Response
- Data Discovery
- Classification
- Excellent organization and time management skills with a focus on a delivery, responsiveness, ownership and accountability
- Ability to manage stress well under difficult situations and when dealing with issues and project deadlines
- Strong interpersonal, communication, and customer-facing skills.
- Ability to understand and communicate technical concepts to a business audience.
- Ability to introduce and manage change within organizations.
- This person must be extremely hands-on as he/she will be the “go to” person for solution development and problem resolution
Basic Requirements:
- An advanced degree is preferred
Other
- Any offer of employment will be contingent on the successful completion of a comprehensive background check, drug screen, reference checks, finger print checks and others
- Unable to sponsor at this time
Desired Skills
Director of Security, Global, Firewall, Network Design, Anti-Virus Strategy, Platform Maintenance, Intrusion Detection Monitoring, System access ID, Logon procedures and policies, File transfer protocols, Procedure and practices, Identify and manage remediation efforts on vulnerabilities, ISO 27001, COBIT, COSO, Sox, PCI, Host security, Platform architecture, Network perimeter security, Application security modeling, Physical security, Systems integrity, Continuity planning, Manufacturing, Global Security, Security, CSO
How to Apply
http://www.cccitpeople.com/index.cfm?action=career_center&subaction=search_jobs
Position ID: 12162ALL