Develops and implements business domain expertise to inform the cybersecurity and compliance risk management strategy.
Exercises appropriate standard and associated risk controls based in compliance with NIST 800-53.
Develops, implements, and maintains security controls, processes, and procedures to manage risk across all information system environments (infrastructure, network, and applications) with the assistance of the application and infrastructure management teams.
Ensures technology risk impacting the business is effectively identified, quantified, communicated and managed, including recommendations for resolution and identifying the root cause/key themes.
Determines how mainstream and emerging technologies can be safely and securely used to advance business strategy.
Establishes and manages a security risk governance framework; publishes and disseminates security policies, standards, and supporting materials to reduce risk through security awareness, and monitors compliance.
Assists and directs organization in the daily execution of identifying, developing, implementing, and maintaining processes to reduce strategic business and information risks.
Develops overall cybersecurity program plans, guidance, and procedures necessary to effectively execute diverse technical, administrative and program functions.
4-year college degree or equivalent technical study
Proven experience leading and managing innovative teams of highly technical professionals 15+ years in privacy, security, or a related field
One or more Information Security Certifications preferred: CISSP, CISM, CCSP, GSLC, GSEC, CISA
Strong experience in developing cybersecurity roadmap and strategy
Demonstrate clear and concise writing, and verbal skills to communicate complex issues and solutions in simple terms to all levels of the organization
Strong experience in cybersecurity strategic planning, NIST compliance, CMMC or CMMI maturity models
Strong experience in Program Management or experience planning and leading a team to achieve a technical goal.
Demonstrated experience with collaborating in a highly matrixed environment which involves multiple internal and external stakeholders to gather data that enables prioritization and action
Experience with developing key metrics reports, tracking project, develop corrective action project plans as required Experience with developing key metrics reports, tracking project, develop corrective action project plans as required
Excellent analytical, project management and organizational skills with a keen attention to detail.
Solid analytical/problem-solving skills with the ability to identify solutions to unusual and complex problems.
Excellent written and verbal communication skills.