[Hiring] Director of Cybersecurity / Information Security @Voyager Technologies

Role Description

The Director of Cybersecurity / Information Security is responsible for ensuring the safety of information systems assets and protecting systems from intentional or inadvertent access or destruction. This role will involve solving problems which are complex in nature, requiring the application of differing techniques.

This person will rely on extensive experience and judgement to plan and accomplish goals with advanced coordination and control. A wide degree of creativity and latitude is expected. Tasks and assignments tend to be highly complex, non-routine and/or require a greater level of expertise.

• Develops and implements enterprise information security architectures and solutions.
• Serves as a security expert in application development, database design, network, and/or platform (operating system) efforts, helping project teams comply with enterprise and IT security policies, industry and government regulations, and best practices.
• Maintains security hardware and software/SaaS.
• Administers security policies to control physical and virtual access to systems.
• Researches, advocates and implements new technologies, architectures, and security products that will support security requirements for the enterprise and its customers, business partners, and vendors.
• Contributes to the development and maintenance of information security strategy and architecture across the enterprise.
• Analyzes business impact and exposure based on emerging security threats, vulnerabilities, and risks.
• Develops and executes security controls, defenses and countermeasures to intercept and prevent internal or external attacks or attempts to infiltrate company email, data, e-commerce and web-based systems.
• Researches attempted or successful efforts to compromise systems security and designs countermeasures.
• Provides information to management regarding the negative impact on the business caused by theft, destruction, alteration or denial of access to information and systems.
• Manages relationship and works effectively with third party information security vendors.
• Partners and communicates with Government agencies, including NASA, the Department of Defense (DoD) and other relevant agencies, on information security matters.
• Communicates security risks and solutions to business partners and IT staff as needed.
• Participates in annual Information Security training/fairs.
• Attends cybersecurity events and participates in other external cybersecurity activities to maintain up to date knowledge.
• Responds to emergencies and remediates information security incidents.
• Protected Data & Classification of Data – Responsible for knowledge of government data protection requirements such as NIST 800-53 (moderate & high), NIST 800-171, CMMC 2.0, Controlled Unclassified Information (CUI), Export controlled/ITAR regulations and execution or participation in data protection strategies & implementations.
• Project Management - Plans and coordinates all aspects of internal cybersecurity-specific projects from initiation to delivery. Coordinates work performed by cybersecurity staff and internal customers/partners by defining project requirements, performing feasibility and needs/impact assessments. Develops detailed project plans and manages all implementation processes including resource allocation, progress tracking, monitoring change control process, testing, documentation, training and on-time delivery within budget constraints.
• Develop Cybersecurity protection roadmap and steps to implementation.
• Daily availability to include evenings and weekends when necessary to reach goals and deadlines.

Qualifications

• Bachelor's degree (B.S.) from four-year college or university in Cybersecurity related discipline and 10+ years of directly related experience and/or training; or equivalent combination of education and experience. Certifications preferred but not required include CISSP, CISM, etc.
• Strong oral and written communication abilities with management, employees and customers.
• Ability to formulate complex and comprehensive materials such as legal documents, authoritative reports, official publications of major scope and impact, etc., and/or to make formal presentations inside/outside of the company.
• Ability to compute, analyze, and interpret complex statistical data and/or to develop forecasts and computer models.
• Ability to analyze situations or data requiring an in-depth knowledge of organizational objectives.
• Ability to implement strategic policies when selecting methods, techniques, and evaluation criteria for obtaining results.
• Ability to establish and adhere to budgets, schedules, work plans, and performance requirements.
• Erroneous decisions will result in critical delay(s) in schedules and/or unit operations and may jeopardize overall business activities.
• Microsoft Office Suite.
• Support ticketing systems, change control methodologies and their importance to ITIL best practices.
• IT security concepts and application to ERP, Business systems, & applications.
• Firewall deployment, management and monitoring – i.e., FortiNet and related services.
• Email protection SaaS management – i.e., Mimecast / Proofpoint.
• Experience with SIEM implementation and management – i.e, Windows Sentinel or Huntress.
• Experience interacting with government agencies – i.e., NASA, DoD.

Requirements

• Effectively interacts with senior management or executives on matters concerning several functional areas, divisions, and/or customers.
• Requires the ability to change the thinking of, or gain acceptance from, others in sensitive situations, without damage to the relationship.

Benefits

• Competitive salary.
• Discretionary annual bonus plan.
• Paid time off (PTO).
• Comprehensive health benefit package.
• Retirement savings.
• Wellness program.
• Various other benefits.