Minimum of ten years of management level experience. Prefer experience in a combination of information security and IT-related positions.
Proven track record and experience in developing information security policies and procedures, as well as successfully executing programs that meet the objectives of excellence in a dynamic environment.
Demonstrated knowledge and understanding of relevant legal and regulatory requirements, such as New York Department of Financial Services Cybersecurity regulation, NAIC Data Security Model Law, and Health Insurance Portability and Accountability Act (HIPAA).
Demonstrated excellent verbal and written communication skills, interpersonal and collaborative skills with the ability to convey complex concepts and security and risk-related information to internal and external customers (technical and non-technical) at all levels in a clear, accurate, focused and concise manner and presentation style. Verbal and written communications are to conform to proper rules of punctuation, grammar, diction and style.
Demonstrated experience effectively influencing a group to a recommended course of action.
Proven leadership, interpersonal skills and ability to work cross-functionally and to develop associates in their skills and proficiency, while achieving tactical and strategic goals.
Demonstrated poise and ability to act calmly and competently in high-pressure, high-stress situations.
Proven strong quantitative and analytical skills, including demonstrated experience identifying, defining, and resolving complex programs, and collecting or interpreting data to establish facts and draw valid conclusions to provide effective resolutions. Proven experience with sound decision-making and critical thinking skills when dealing with multiple alternatives. Must demonstrate the ability to conceptualize and apply new methodologies.
Proven experience in working with complex programs, which require identifying complex data and analyzing the quality of the output provided.
Demonstrated ability to manage multiple projects under strict timelines, within budget and financial targets and with appropriate resource management as well as the ability to work well in a demanding, dynamic environment and meet overall objectives.
This position works in an office setting and remains in a stationary position for long periods of time while working at a desk, on a computer or with other standard office equipment, or while in meetings.
Requires visual acuity to read a variety of correspondence, reports and forms, and to prepare and analyze data in an accurate, neat and thorough manner.
Ability to continuously make repetitive motions of the wrists, hands and/or fingers.
Computer Skills and Knowledge of Hardware & Software Required:
Demonstrated knowledge of threat detection and remediation tools vulnerability management, Rapid 7 preferred.
Expert knowledge of Security Incident and Event (SIEM) technology and incident detection, correlation and analysis; QRadar preferred.
Scripting skills in one of the following: perl, python, ruby, C, C++ or Java.
Certifications & Licenses (i.e., Series 6 & 63, CPA, etc.):
Candidate expected to hold one or more of the following security certifications: Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or Certified in Risk and Information Systems Control (CRISC).
Valid driver’s license and satisfactory driving record.