Purpose:
- Oversee the implementation and management of effective and efficient cybersecurity platforms and services to safeguard companies' operations in the US and internationally.
- Enhance design processes, document and assess risks, and balance trade-offs between various controls, solutions, and risks.
- Support the monitoring of regulatory requirements for the USA, Trinidad & Tobago, Senegal, Mexico, and other countries within the International region, ensuring compliance requirements are understood and controls are in place to meet these requirements.
Commitment to continuous learning and self-improvement.
Delivers results, communicates openly, and embraces and quickly adapts to change.
Takes appropriate ownership.
Leadership:
- Foster a culture of ownership, empowerment, and excellence.
- Promote respect for diverse thoughts, feedback, and ideas, embracing radical openness and honesty in discussions to pursue excellence and the best solutions.
- Provide technical knowledge to internal and external stakeholders on cybersecurity controls, standards, and regulations.
Work Processes & Systems:
- Accountable for US/International cyber risk reviews and secure-by-design processes.
- Oversee the companies' project, architectural review, change management, and other work processes.
- Support the creation and maintenance of regional risk assessments for senior operations management.
Technical:
- Strong understanding of zero trust architecture design principles.
- Ability to technically assess solution designs, cybersecurity risks, and controls.
- Maintain (or commit to gaining) knowledge of: IAM, AAA, PKI, Encryption, MFA, TCP/IP, SIEM, IDS/IPS, EDR, proxy, Firewalls, VPNs, DLP, Windows and Linux operating systems, networking, Entra/Active Directory, scripting languages, OSI Model, monitoring, logging, PAM, SAML/OIDC, SASE, API integrations, SDLC, Data Pipelines, AI (LLM).
- Note: No one person will know everything; learning and research may be required for each new project/design review.
- Prior experience in an IT operational role with experience in operating with standards and/or controls is preferred.
- Knowledge of current and emerging cybersecurity threats and attacker TTPs is a plus.
- Prior experience with NIST CIS and C2M2 is a plus.
Role Requirements:
- 3+ years of experience in cybersecurity and/or IT; IT operations experience is desirable, but prior cybersecurity experience is not required.
- A passion for quality, thoroughness, and continuous learning.
- 1+ years of experience in designing and delivering large-scale enterprise solutions.
- Strong design thinking, customer service, and analytical skills.
- Excellent communication and organizational skills, with good stakeholder management abilities.
- Proficiency in technical writing.
- Ability to understand business context and communicate risks and impacts clearly and concisely.
- Knowledge of frameworks such as NIST CIS and ISO 27001 is desirable.
Qualifications:
- Bachelor's degree in Computer Science, Cybersecurity, or a related field is desirable.
- Preferred certifications include one or more of the following: CISSP, GCDA, GPEN, ITIL, MS Azure Security Engineer, MS Security Operations Analyst, MS Identity and Access Administrator, OSCP, CCNA/CCNP, CCDE, AWS Security.