About Datapath Search

Job ListingsSubmit ResumeCandidate Preparation

Return to previous page

View Job Posting - Datapath Search

Position00177 Cyber Security Program Director
City, StateNYC,NY
CountryUnited States
Salary175-225 plus 50-75K bonus
Contact NameSteve Silvi
Emailsilvi@datapathsearch.com
Phone203-869-3536
Description

Cyber Security Program Director

o    Duties and tasks to be performed include, but are not limited to: 

·         Provides leadership to leverage program organizational resources in order to improve the security of information systems

·         Directs the development and implementation of the information systems security program for the Parent Holding Company

·         Responsible for the development and on-going reporting of program metrics

·         Prepares and manages budget for the Parent Holding cyber security program

·         Proposes IT policies, standards, and procedures related to information systems security, including Incident Response

·          Directs all phases of planning and accomplishment of the information systems security functions and activities of the Program 

·         Supervises assigned staff and coordinates with other IT Teams

·         Directs the assessment of information systems to ensure that appropriate security functions have been included in the systems design and architecture.

·         Establishes, monitors and evaluates the performance of information systems in support of information systems security program accomplishments based on appropriate measures.

·         Maintains current knowledge of relevant technology as assigned.

·         Participates in special projects as required.

·         On call and after hours work can be expected

 

Requirements

o    Basic Qualifications: 

·         BA/BS degree in Information Technology or Information Security, Computer Science, Intelligence analysis, Cyber Security or another related field of study

·         Overall 10+ year of professional experience with 7+ years in Cyber Security

·         Experience in and knowledge of the NIST Cyber Security Framework (CSF)

·         Experience in and knowledge of industry standards (e.g. ISO 27001, NIST 800-53, CobiT, ITIL).

·         Advanced skills and established experience in IT security and risk management (understanding risk assessment, legal and regulatory requirements, threats, vulnerabilities, security policies etc.).

·         Deep understanding of infrastructure components, including infrastructure security components (e.g. Network security, Firewalls, IDS, IPS etc.).

·         Deep understanding of security architecture standard methodologies.

·         Ability to work independently on initiatives with little oversight.  Motivated and willing to learn.

·         Strong analytical skills/problem solving/conceptual thinking.

·         Effective communication skills

·         Awareness of Cloud Security Solutions

·         Must have Project Management, Share point and Presentation skills.

·         Proficient with putting together business cases, presentations, reporting, documentation and metrics.

·         Experience in leading or coordinating activities across a diverse group of professionals with visibility to senior management.

·         Excellent organizational, planning, problem solving and decision making skills including experience with project management methodologies.

·         Strong interpersonal skills, including verbal, written, and listening skills with the ability to influence and lead others.

 

o    Desired skills: 

·   Conceptual understanding of the Cyber Kill Chain, Intelligence Driven Defense and/or Diamond modeling of cyber threat activity

·   Experience working with and managing service providers

·   Enterprise incident handling experience

·   Forensic analysis and investigations experience

·   Experience with the following technologies:

  •  
    •  
      • Windows, Mac, Linux, AIX
      • Palo Alto Firewalls
      • Microsoft Office 365 SPE Security Suite
      • Crowdstrike Falcon or similar EDR
      • Splunk
      • Tanium
      • Nexpose and Metasploit
      • Mimecast
      • ServiceNow

 

·   CISSP, CISA, CISM or equivalent certification a plus.