Prestigious Enterprise Company is currently seeking a Lead Information Security Engineer. Candidate is responsible for developing strategies, defining roadmaps, and ensuring overall IT security risk is appropriately managed and reviewed.
Monitor and manage the effective delivery of outsourced security services such as malware detection and remediation, intrusion detection and prevention, vulnerability management, encryption services, incident response, access control, security information and event management, penetration testing, risk assessments and cyber forensics.
Develop and Implement strategies and roadmaps to continuously improve and maintain IT Security.
Anticipates opportunities and can articulate recommendations concerning new IT Security technologies, processes, procedures to effectively manage business risk.
Be actively involved in all stages of IT related projects ensuring security solutions are effectively developed and implemented.
Keep up-to-date knowledge of new and emerging threats that can affect the organizations information assets by analysing third party software/solutions, IT configuration changes and network/system architecture from a business risk perspective.
Work with other IT groups and business stakeholders to address security related concerns.
Review and maintain IT and OT information security policies and standards to reflect changing business requirements, disruptive technologies and emerging threats.
Responsible for the evaluation, selection, and implementation of outsourced security services including contract reviews, creation of SOW's, development of business cases and service delivery.
Bachelor's degree in Information Security, Information Technology, or equivalent technical experience
10+ years IT Security experience including security architecture
CISSP or CISM preferred
Strong foundational knowledge in multiple information security domains such as access control, network security, operations security, application security, cryptography, computer forensics, security architecture and design, mobile device security, cloud security best practices
Experience working in a managed security environment
After hours work may be necessary to support outages or off-hours maintenance windows.
Experience performing IT security risk assessments and gap analysis
Strong skills in IT security system design, analysis and problem solving
Understanding of Citrix, Cyber-Ark, ePO, FireEye, Linux, Windows Server, PKI, and Active Directory