Location: Plano,TX, USA
JOB TITLE: Director of INFOSEC & Cyber Security REPORTS TO: VP of Information Technology SUMMARY : The Director of INFOSEC & Cyber Security is responsible for the architecture, design, implementation, and operation of Aligneds technology information security and cycber security of infrastructure and application environments within its data centers and corporate offices. The Director of INFOSEC & Cyber Security reports to the VP of Information Technology and ultimately to the Global CTO. The director will collaborate with Aligneds business unit leaders and internal data center operations staff to provide security of the companys intellrctual property, information technologies, data, personal identifying information and all information related assets and services. Additional responsibilities include surveillance and monitoring of security related events, troubleshooting, evidence collection and chain of custody management, counter-surveillance and detection, security related compliance, and perform as the expert advisor and management of Information Security and Cyber Security services, platforms, and tools. DUTIES AND RESPONSIBILITIES: Develops and maintains a complete understanding of Aligneds technology and information systems. Directs the development and maintenance of Incident Response Plans and Cybersecurity procedures for information technology. Maintains current knowledge of the cyber security industry, digital privacy regulations, and standards for all regions. Identifies and communicates current and emerging security threats. Directs the architecture, design, build, implementation, and support of enterprise-class security systems based on the Center for Internet Security (CIS) controls and related standards. Designs security architecture elements to mitigate threats as they emerge. Anticipates stakeholder needs to discusses potential security and privacy solutions. Oversees and analyzes security assessments, including security program reviews, penetration testing, vulnerability testing, risk analysis, and provide recommendations related to findings. Create solutions that balance business requirements with information and cybersecurity requirements. Review and recommend security configuration and policies for firewalls, VPN systems,routers, IDS scanning technologies, servers, computers, mobile devices, audio/visual devices, IOT and IT systems. Ensures integration of projects and adjusts project scope, timing, and budgets as needed, based on the needs of the organization. Reviews and analyzes system logs, security tools, and network traffic for unusual or suspicious activity, and makes recommendations to restore secure operations. Reviews and tests new security software, tools and/or technologies to determine applicability to operations. Directs ongoing interviews and assessments with internal groups and management for the purpose of learning how employees interact with technology and to integrate cybersecurity measures. Works closely with internal auditing, legal, and IT teams to ensure compliance with applicable legal, regulatory, and industry requirements (e.g., FERPA, HIPAA, PCI-DSS, FIPS, NIST, CISA, ISO 27001, etc.). Works with Senior Leadership to formulate a comprehensive, strategic technology plan that is consistent with the overall business objectives and budgetary considerations. Oversees annual operating and capital budgets for all security platforms and hardware. Manages suppliers and vendors for information security and cyber security. QUALIFICATIONS: Equivalent experience or graduation from an accredited 4-year college or university degree in a job-related field of study. Five (5) years of experience responsible information security and cyber security management. Practical experience in Red, Blue, and Purple INFOSEC tasks and roles. Experience deploying and managing cyber security, digital privacy, and information security solutions for remote access, identity access management, and cloud based services. Experience leading ITIL V4 based processes (incident, change, problem, root cause analysis). PREFERRED CREDENTIALS: CISSP- Certified Information Systems Security Professional GSLC- GIAC Security Leadership CISM- Certified Information Security Manager CCSP- Certified Cloud Security Professional PREFERRED CLEARENCES: SCI/SAP L Clearence SCI/SAP Q Clearence Completed & Cleared DCSA Background ADDITIONAL COMPETENCIES: Ethics - Treats people with respect; Keeps commitments; Inspires the trust of others; Works with integrity and ethically; Upholds organizational values. Adaptability - Adapts to changes in the work environment; Manages competing demands; Changes approach or method to best fit the situation; Able to deal with frequent change, delays, or unexpected events. Analytical - Synthesizes complex or diverse information; Collects and researches data; Uses intuition and experience to complement data; Designs workflows and procedures. Dependability - Follows instructions, responds to management direction; Takes responsibility for own actions; Keeps commitments; Commits to long hours of work when necessary to reach goals; Completes tasks on time or notifies appropriate person with an alternate plan. Judgement - Displays willingness to make decisions; Exhibits sound and accurate judgment; Supports and explains reasoning for decisions; Includes appropriate people in decision-making process; Makes timely decisions. Organizational Support - Follows policies and procedures; Completes administrative tasks correctly and on time; Supports organization's goals and values; Benefits organization through outside activities; Supports affirmative action and respects diversity. Problem Solving - Identifies and resolves problems in a timely manner; Gathers and analyzes information skillfully; Develops alternative solutions; Works well in group problem solving situations; Uses reason even when dealing with emotional topics. Project Management - Develops project plans; Coordinates projects; Communicates changes and progress; Completes projects on time and budget; Manages project team activities. Safety and Security - Observes safety and security procedures; Determines appropriate action beyond guidelines; Reports potentially unsafe conditions; Uses equipment and materials properly. Strategic Thinking - Develops strategies to achieve organizational goals; Understands organization's strengths & weaknesses; Analyzes market and competition; Identifies external threats and opportunities; Adapts strategy to changing conditions. The above is intended to describe the general content of and requirements for the performance of this job. It is not to be construed as an exhaustive statement of duties, responsibilities or physical requirements. Nothing in this job description restricts managements right to assign or reassign duties and responsibilities to this job at any time. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. Aligned Data Centers is an equal opportunity employer that embraces diversity and is committed to building a team that represents a variety of backgrounds, perspectives, and skills. Equal employment opportunities are available to all applicants and teammates without regard to race, color, religion, sex, pregnancy, national origin, age, physical and mental disability, marital status, sexual orientation, gender identity, gender expression, genetic information, military and veteran status, and any other characteristic protected by applicable law.All aspects of employment including the decision to hire, promote, discipline, or discharge, will be based on merit, competence, performance, and business needs