Major Responsibilities

• Define, implement, assess, and maintain controls necessary to protect the network/internet perimeter in accordance with security requirements (E.g., Firewalls, DMZ, Network connections, Third-party connectivity, Remote access, VPNs)
• Manage team resources, including facilitating activities allocation, tracking and adjusting utilization, and ensuring project team members under own project areas understand and accept their project roles and responsibilities.
• Lead and manage project backlog under responsibilities
• Manages the reporting and documentation on quality, standards, and cost of projects under responsibility.
• Coach junior engineers regarding project management and technical issues.
• Address security throughout the development and acquisition lifecycle
• Develop and maintain a security architecture.
• Define, implement, manage and maintain identities and access controls based on identities (e.g., Password management, Single Sign-On, Multi-factor authentication, PIN management, Digital signatures, Smart cards, Biometrics, AD)
• Ensures that system access is maintained in accordance with company policies
• Administer and supports all access management control activities across all infrastructure systems (systems, equipment, hosts, and networks)
• Lead and drive cybersecurity technology projects to achieve results in terms of quality, time and cost
• Ensure planning to go-live and deployment activities and facilitate their execution as well as post launch success and continuously identifying key improvement areas
• Provide technical advice on technological innovations and alignment with the cybersecurity strategic objectives of GC and future architectural standards to enhance cybersecurity quality
• Define, implement, assess, and maintain controls necessary to protect software and applications in accordance with security requirements (operating systems, applications, database management systems, web-based applications, COTS; maintenance)
• Identify potential flaws in application and design countermeasures or mitigations against potential exploitations of programming language weaknesses and vulnerabilities in system and elements
• Define, implement, assess, and maintain controls necessary to protect information and vital assets (including media) in accordance with security requirements (includes privacy requirements, PII, DLP, encryption)
• Ensure data lifecycle is secured

Education

Bachelor's degree or higher in computer science, cybersecurity, information technology, software engineering, information systems, computer engineering or related field

Prefer: CISSP or CISA / CISM

Experiences

• Minimum of 5 year experience in information security, security solution implementation, security architecture, security management, data security, cloud and/or OT security
• Minimum of 3 year experience in overall management within a large enterprise environment