|Date Posted||April 5, 2019|
Note: CyberSecurity related skills are mandatory but network infrastructure related skills are optional
Long Term Contract positions (C2C or W2) at an Excellent Hourly Rate
The Director of CyberSecurity and Network Technologies has overall responsibility for the cost-effective enablement of a cybersecurity program and network infrastructure necessary to meet clients business requirements and objectives.
As such they will perform the following three roles:
• Technical security manager-- to protect computers, networks, and data from unintended or unauthorized access, change, or destruction.
• Program security manager -- to implement security awareness strategies that improve security awareness and mitigate security risks.
• Network architect (nice to have – not must) -- to design and implement cost-effective, resilient solutions that handle clients data, voice and wireless telecommunications needs (to include overall design, vendor selection, business case development, and project management of the solution).
The position is a very “hands on” and requires up to date technical skills. They will be a direct report to the CIO and member of the IT Leadership team (ITLT).
Essential duties and responsibilities are as follows:
• Hire, train, coach, mentor clients cybersecurity and network personnel.
• Provide regular performance feedback and conduct goals and objectives/performance reviews with his/her direct reports. Ensure that all members of his/her team have annual goals.
• Establish and report key performance indicators (KPIs) and service level agreements (SLAs).
• Create the annual budget and capital plan for his/her areas of responsibility.
• Establish trusted partnerships with peers and all colleagues throughout Clients.
• Define and publish Service Level Agreements (SLA’s) for all network and security services and measure SLA achievement.
• Lead, manage, and monitor the design, development, implementation, support, and troubleshooting of all of clients network and security related infrastructure to include WAN’s, LANS, firewalls, routers, switches, wireless, MDM’s, etc..
• Stay abreast of cybersecurity and network trends and put together appropriate business cases to facilitate their adoption.
• Ensure that all projects assigned are completed on schedule and on budget.
• Design a cost-effective and robust technology platform in the areas of cybersecurity and network technologies
• Evaluate, recommend, and monitor Clients cybersecurity and network related infrastructure, vendors, and business partners (outsourced services, hosting, etc.). Partner with the CIO in the negotiation of the larger, more complex Agreements to include purchase, license, maintenance, hosting and lease agreements.
• Assist in the creation of business continuity and disaster recovery design, planning, development, implementation, monitoring, and execution (if necessary).
• Is an ex-officio member of Change Advisory Board (CAB).
• Provide production support (including on-call after hours support) to ensure that all critical and high severity cybersecurity and network related problems are addressed and corrected in a timely manner so as to not affect Clients ’s business operations..
• Fully support and champion the Clients Treehouse rules.
• Travel is up to 20%.
Technical Security Manager Duties/Responsibilities
• Implement new technology that cost effectively mitigates security risks.
• Ensure the compliance of all applications, systems and network infrastructure with application security policies, standards and procedures.
• Function as Clients information security subject matter expert.
• Lead the evaluation of security technologies and processes to respond to existing and new risks
• Develop and manage process for security event log monitoring and analysis.
• Establish and manage a comprehensive Identity and Access Management process.
• Establish polices controlling access to Clients network.
• Lead security incident triage that includes determining the scope, urgency, and potential impact of the specific vulnerability. Expeditiously remediate said vulnerability.
• Lead the periodic vulnerability scanning process and penetration tests.
• Partner with infrastructure and application architecture owners to ensure new and existing systems align with defined and agreed security policies.
Program Security Manager Duties/Responsibilities
• Build a 3 year roadmap for Clients cybersecurity program.
• Manage and continuously develop the information security program, including strategy, policies, process, and metrics.
• Provide strategic direction to Clients personnel on emerging security risks.
• Communicate the state of Clients information security program, including successes and failures.
• Detail out the security incident response program and ensure that said program is tested throughout Clients and that all managers know their duties during such an incident.
• Maintain a current understanding the IT threat landscape for our industry.
• Make sure that cyber security policies and procedures are communicated to all personnel and that compliance is enforced.
• Manage continuous enhancement of a company-wide cybersecurity awareness program.
• Provide education and outreach to Clients employees regarding their roles in protecting the Clients security posture.
Network Architect Duties/Responsibilities (this is desired BUT NOT Required)
• Provide a highly reliable and available network that cost effectively achieves a “near zero downtime” goal.
• Lead the development, maintenance, and operation of Clients data, voice and wireless infrastructure. Oversee the install, configuration, and troubleshooting of the corresponding t hardware and software.
• Develop and maintain network equipment 3 to 5 year lifecycle plan.
• Drive service quality monitoring and capacity planning processes to ensure network and communications systems can accommodate current and future Clients business initiatives.
• Establish Clients network technology road map in support of Clients business goals and strategies.
• Explore new capabilities and emerging network/telecommunications technologies and apply to Clients roadmaps where appropriate.
This position has Engineer level (SME’s) and Analyst direct reports as appropriate to encompass the areas of security and network administration (voice, data and mobile
CISCO and security certifications are required. One or more of the following security certifications is preferred:
• Certified Information Security Systems Professional (CISSP)
• Certified Information Security Manager (CISM)
• Certified Information Systems Auditor (CISA)
Ability to work weekends and overnights, as needed.
Ability to travel as necessitated by business need (sometimes on short notice) up to 25 % of the time.