This Description, Requirements, Objectives and Skills/Qualifications is a starting point and may not include other aspects of the position that may be outlined/discussed during interviews. Palo Alto is our corporate office location - this position may be remote.
Develop and maintain IT Information Systems Security Program; Unlike a project, a program is a perpetual practice requiring vigilance and breath and span of influence. Develop an all-encompassing practice to include programs to protect data and information systems as well developing and promoting employee training. Additionally, this role would require engineering and extensive operations knowledge in additional to developing and maintaining program governance. In addition, this role requires development and maintenance of policies and programs such as Incident Response and First Responder tabletop exercises as well as focused drills; Select and implement suitable security technology to enforce security and support a stable environment; Ensure environment meets compliance and cyber security requirements; Interface with executive leadership team to identify and plan for future security requirements. Oversight of the technological infrastructure patching (networks and computer systems) in the organization to ensure optimal security; Monitor changes or advancements in technology to discover ways the company can gain risk deduction of information technology. Participate in external peer organizations such as National Defense - Information Sharing and Analysis Center (ND-ISAC) to maintain awareness of current threats.
Set objectives and strategies for protecting Controlled Unclassified Information (CUI); Preparations for passing the Cybersecurity Maturity Model Certification (CMMC); With IT team, design and customize technological systems and platforms to improve security posture; Plan the implementation of new systems and provide guidance to IT professionals and other staff within the organization. A total security program needs to include collaboration with physical security, video surveillance and access systems and the associated threat intelligence generated by these systems which needs to be correlated with cyber and information threat intelligence.
Proven experience on both the cyber technologies as well as the Information Security (INFOSEC) disciplines. INFOSEC experience includes the Compliance, Regulatory and Legal attributes of a program practice. This includes such areas as audits regardless, if mandatory for the industry sector or required for insurance policy maintenance. Cyber technical includes but is not limited to firewalls, Data Loss Prevention Systems, Endpoint Protection, encryption technologies, Cloud storage and services and mobile devices. In addition, Penetration Tests, Vulnerability Testing and Phishing Programs must be established and maintained along with data visualization. Experience with Security Information Event Management (SIEM) is mandatory. Establish and maintain third party Security Operations Center (SOC) for further threat intelligence. Excellent organizational and leadership skills; Outstanding communication and interpersonal abilities; Experience working in matrix organizations.
Report to the Chief Information Officer. Partner with department heads (e.g., Human Resources, and other IT technology divisions) to assist in the training and awareness of CPI evaluate, implement and support the appropriate IT solutions to support operations; Team with the Information Technology group to ensure privacy and data security of all systems; Ensure the cyber support team is responsive and knowledgeable; Identify and implement cyber outsourcing opportunities where appropriate; Develop and implement IT policies and Standard Operating Procedures (SOP).
Skills & Qualifications:
Minimum of a bachelor's degree, preferably in Cyber Security, Computer Science or Information Technology; 20+ years of IT experience with protective systems and programs; 10+ years leading an IT technology oriented organization; Demonstrated history of developing, executing and delivering Information System Security solutions on time and on budget; Knowledge and leadership presence necessary to balance the needs of the business and technology partners with solid security principles; Success building high-performing teams; Excellent interpersonal skills, including the ability to build and maintain effective working relationships; Outstanding communication and presentation skills; A highly analytical mind-set with superb problem-solving skills; A strong sense of risk management and profitable balance; A technologist with in-depth knowledge of the current and up-and-coming trends in IT and Cyber Security are strongly desired as well as experience in Microwave Communications or Defense; BSc/BA in computer science, engineering or relevant field; MSc/MA will be preferred.
CPI values the contributions of a diverse workforce and is proud to be an Equal Opportunity Employer.