| Open Requirements - Remote at Remote, Remote, USA |
| Email: [email protected] |
| From: Srikanth, Livemindz.com [email protected] Reply to: [email protected] Hi, Hope you are doing great, Please send me resumes for open requirements. Job Title 1: Information Security Operations Lead Position Responsibilities Contributes to the development and maintenance of the Information Security Strategy and related roadmaps. Works closely with other IT managers and staff to ensure that security is appropriately addressed in the implementation and operation of all IT services, systems and platforms. Maintains deep expertise in the growing body of IT security vulnerabilities, threats, exploits and mitigations. Serves as lead engineer supporting Security Operations and Incident Response. Owns and manages the Security Operations and Incident Response organization, systems and services. Owns and manages the Posture Management program. Evolves the SecOps services in response to audits, penetration tests and other relevant inputs. Manages service delivery and service levels through approved outsourced service providers. Maintains collaborative, collegial SecOps culture. Manages xxxx SecOps staff, balancing career goals with department needs. Develops, maintains and reports metrics and KPIs to manage the effectiveness of the Security Operations practices. Strong conceptual thinking and communication skills - the ability to translate complex business and technical requirements into effective and comprehensible solutions. Applies strong logic and principles-based reasoning to define solutions and justify proposals. Experience/Skills ( 10+ yrs ) Extensive experience managing Security Operations org and services ( SOC, Vulnerability Mgt, Incident Response, etc ) Extensive expertise in NIST and ISO 27000 security practice frameworks. Extensive hands-on experience with security infrastructures ( e.g. Firewalls, IDS/IPS, VPN, Web Content Filters, Proxies, DLP, SIEM, Log aggregation and correlation technologies ) Experience / expertise with Splunk or Sentinel Proficiency with scripting / programming languages ( e.g. Python, Ruby, Powershell ) Experience securing and managing Cloud infrastructures (e.g. Azure, AWS, GCP ) Familiarity with international data privacy regulations and best practices. The following are not essential, but are highly valued; Experience in application or infrastructure penetration testing Experience operating one or more common IT infrastructures ( Telecom, Windows and *NIX systems, virtualization platforms ) Demonstrable expertise with configuration automation practices and toolchains (e.g. Chef, Puppet, Ansible, etc) Education: Bachelor's or master's degree in computer science, information systems or other related field, or equivalent work experience. Professional security management certification, such as a ISC(2) Certified Information Systems Security Professional (CISSP), SANS GIAC Information Security Professional (GISP), GIAC-Security Expert (GSE), or GIAC Certified Enterprise Defender ( GCED ) Job Title 2 : IT Security Portfolio Manager Position Responsibilities: Own xxxxs project delivery framework for all IT Security projects. Provide training and coaching to IT Security Project Managers and key stakeholders of the project delivery framework processes and templates. Oversee compliance and successful execution of all IT Security Projects and Initiatives Deliver IT portfolio level status presentations/reporting, tracking in-progress programs/projects against scope, schedule, budget, and risks/issues. Oversee the IT Security Azure DevOps Platform for data quality of all IT Security Projects and Initiatives. Oversee the IT Security Project Budget, tracking forecast to actual and facilitate quarterly forecast reviews. Oversee the IT Security Contract Management que, tracking vendor value reviews and contract renewals/status. Facilitate portfolio level reviews to ensure the entire IT Security portfolio of projects is well understood, on track, and actioned for success. Facilitate the portfolio level resource planning process, ensuring overall resource capacity and resource allocations are transparent. Own risk management for the IT Security team and provide IT risk management governance and reporting for both Enterprise and Project level risks. Lead/conduct periodic mock governance gate reviews of the projects, ensuring that IT Security Projects are adhering to established frameworks and to evaluate health of the projects. Provide expertise to project managers to course correct at risk/off track projects. Directly manage programs/projects when called upon. Experience/Skills (10+ years) Proven track record in delivering IT programs/projects of various degrees of duration, budget, and complexity on-time, on-budget and in-scope Proven track record in successful governance of a portfolio of programs/projects Experience in the effective governance of third-party service delivery partners Experience in software development life cycle methodologies and current technology industry best practices (including DevSecOps) Knowledge of IT Systems (e.g. Infrastructure, Security, Applications, and Data) Ability to build and maintain relationships with senior management, stakeholders, and team members Strong conceptual thinking and problem-solving skills - the ability to translate complex business and technical challenges into effective and comprehensible action plans Ability to effectively prioritize and execute tasks in a high-pressure environment Strong leadership and mentorship skills Excellent verbal and written communication skills Detail oriented and self-starter Proficiency with the Microsoft Office suite including Project, Excel and Visio Proficiency with Power BI preferred but not mandatory Proficiency with Azure DevOps or similar software preferred but not mandatory Experience in the reinsurance and insurance industry is preferred but not mandatory Qualifications Project Management Professional (PMP) or Program Management Professional (PgMP) certification preferred Agile Project Management certification Certified Scrum Master (CSM), Scaled Agile Framework (SAFe) or similar preferred CISSP (Certified Information Systems Security Professional) or CISM (Certified Security Information Manager) preferred Education Bachelors degree in computer science, information systems, or equivalent work experience preferred. Certified Information Systems Security Professional (CISSP) or Security Supervision and Management (CSSM) certification preferred Job Title 3: Data Security Lead Owns and manages xxxx Data Security systems and services, Serves as lead engineer supporting PKI/CA, cryptography, secrets management, tokenization, discovery and classification systems and services. Contributes to the development and implementation of Information Security Strategy and related roadmaps. Works closely with other IT managers and staff to ensure that Data Security is appropriately addressed in the implementation and operation of all IT services, systems and platforms. Researches and advocates new solutions to support Data Security requirements of the enterprise, its customers and business partners. Maintains deep expertise in how to secure traditional and modern data storage platforms and services. Manages Data Security service levels through approved outsourced service providers. Adept at automating recurrent workflows. Strong conceptual thinking and communication skills - the ability to translate complex business and technical requirements into effective and comprehensible solutions. Applies strong logic and principles-based reasoning to define solutions and justify proposals. Facilitates compliance with relevant standards and regulations Experience/Skills ( 5 -10 yrs ) Extensive expertise in NIST and ISO 27000 security practice frameworks. Extensive hands-on experience with Data Security technologies (e.g. Public Key Infrastructure / Certificate Authority, PGP, SSH, Database encryption, key management, enterprise file encryption, email encryption, datalake protections. ) Experience securing Cloud infrastructures and services ( Azure preferred ) Proficiency with scripting / programming languages ( e.g. Python, Ruby, Powershell ) Familiarity with international data privacy regulations and best practices. The following are not essential, but are highly valued; Professional experience in application or infrastructure penetration testing Demonstrable expertise with configuration automation practices and toolchains (e.g. Chef, Puppet, Ansible, etc) Education: Bachelor's or master's degree in computer science, information systems or other related field, or equivalent work experience. Professional security management certification, such as a ISC(2) Certified Information Systems Security Professional (CISSP), Certified Information Privacy Professional (CIPP), SANS GIAC Information Security Professional (GISP), GIAC-Security Expert (GSE), or GIAC Certified Enterprise Defender ( GCED ) Thanks and Regards, Srikanth [email protected] 469-965-0489 Keywords: business intelligence information technology California |
| [email protected] View all |
| Wed Jan 31 00:02:00 UTC 2024 |