Job #: 785
Title: IT Security Lead
Looking for someone who can be 40% hands-on and 60% functional/technical. Will manage a team of 2-5. They use LogRhythm (SIEM), SourceFire (IDS) and FireAmp. Candidates do not have to have experience with these specific products. Technical and communication skills are most important.
Lead a small team of security engineers to implement technical solutions and provide operational capabilities.
Project manage security initiatives and provide project oversight of all security projects.
Provide oversight and technical direction for security initiatives.
Provide leadership and technical guidance to other members of the team.
Provide overall technical design & architecture for all aspects of security in the infrastructure.
Need to be hands-on, both as a mentor and in executing tasks when team members are not available.
Supervise third-party vendors for various projects or services.
Create operational capabilities within the security organization.
· Review security platforms, identify deficiencies, recommend and implement improvements
· Work with vendors and colleagues to assess different technologies and determine their impact on security.
Troubleshoot security issues and assist with security incident responses and forensic investigations
Prepare risk reports to senior management including security incidents, system vulnerabilities, and ongoing compliance functions
Strong hands-on technical experience in the security domain, i.e., must have hands-on experience with some of the key security technologies: IDS, SIEM implementations, firewalls, endpoint security, SSL intercept, etc.
· Strong communication skills. Ability to clearly articulate ideas, solutions etc.
Organized, with strong project management skills.
Self-driven — Ability to lead projects from initiation to completion.
Educational background with BS / MS in Computer Science, Engineering or related area.
Strong knowledge of internet, web, application and network security platforms.
Strong knowledge of Linux & Windows operating system security.
4+ years of experience in a similar position.
· Excellent analytical and problem solving skills to troubleshoot and resolve security issues
· Ability to perform and interpret vulnerability assessments
· Ability to administer the operations of a security infrastructure
· Ability to balance and prioritize work
Experience with threat modeling, penetration testing or running security scans with third party software
Experience working with IP networking, networking protocols and understanding of security related technologies including Encryption, VPNs, PKI, Firewalls, IDS, Proxies, NAC, SIEM, AV, DNS, Email, Wireless
Experience working with leading firewall, network scanning and intrusion detection products and authentication technologies
Some scripting experience is necessary.
Possess security certifications (CISSP, CCNA, etc.)
Experience with project management and industry best practices
Experience working within the Financial Services industry
Technical depth/Problem solving
a) Has he/she done POCs?
b) Does he/she understand the problem domains that need to be addressed, i.e. DLT or Endpoint protection?
c) Does he/she know how to define criteria for success for a particular implementation?
d) Is he/she asking the right questions to understand the strengths/weaknesses of a product or internal infrastructure?
e) Is he hands-on; can he jump in and do the configurations on a platform to make sure it works?
P.M & Management
a) Does he know how to manage projects, prioritize, and make decisions on what needs to be focused on first?
b) Has he managed a team (small/big)? Is he a good technical mentor to the existing team, i.e., can he give good direction?
a) Does he understand audit functions; Working with Compliance; regulators; NIST framework; Risk based assessments; policies, good writing skills etc.
a) Is he able to present to senior management; Polished etc.