Director – Cybersecurity
Location: Charlotte, NC
Major Duties & Responsibilities
The Director, Cybersecurity leads Company’s cybersecurity program in order to protect the organization's critical IT and OT systems and assets using the CIS Controls and NERC CIP cybersecurity frameworks and practices. As the subject matter expert in information security and cybersecurity, the Director supervises a team of security personnel and has the overall accountability of establishing, monitoring, managing, and maintaining the technologies and processes used to secure company information and operating technology systems, networks and data.
- Develop, implement, manage, and maintain the organization's cybersecurity strategy and roadmap and associated plans, policies, procedures, practices, requirements, and controls.
- Establish, monitor, manage, and maintain the technologies and processes used to secure company information and operating technology systems, networks and data.
- Lead threat prevention and resiliency strategies for Company. Stay up to date on recent threats (e.g., OWASP Top 10), evaluate potential security threats and protect the organization’s infrastructure from those threats to minimize downtime and expenditures.
- Direct Company’s cybersecurity team in protecting the organization’s IT and OT infrastructure from threats, responding to security requests, investigating, and responding to alerts and incident tickets, developing and maintaining security documentation, managing network and endpoint security, vulnerability management, identity and access management, SIEM and log management, cloud security operations, and overall security monitoring and reporting.
- Oversee the development of the organization’s incident response plan and direct cyber incident response and crisis management for Company, ensuring swift and effective response to security events and incidents.
- Conduct regular risk assessments and vulnerability tests, including penetration tests, to identify potential security threats and develop strategies to reduce risk in security operations.
- Ensure new systems align with the organization’s overall security policies and data protection strategies.
- Prepare and manage the cybersecurity budget for the organization.
- Provide technical leadership and oversight to security design, securityarchitecture activities, and initiatives.
- Be accountable for organizational compliance with security relatedgovernmental laws, rules, and regulation, including NERC standardrequirements. Ensure that all cybersecurity measures adhere to stateand federal laws and regulations.
- Implement organizational strategies to meet or exceed the CIS Control framework.
- Develop security reporting mechanisms and associated security KPIs that keep the organization aware of its security risk profile.
- Serve as a liaison between business and security teams, facilitating communication and ensuring security requirements are identified and integrated efficiently into business processes and projects.
- Manage endpoint and network security environments and associated security tools to meet organizational cybersecurity objectives.
- Manage partners, stakeholders, vendors and third-party service/solution providers of relevant cybersecurity services.
- Develop and implement security awareness programs to educate employees about security best practices and promote a culture of security within the organization.
- Provide technical cybersecurity support to the NERC CIP program staff to facilitate identification of efficient solutions to meet compliance obligations.
- Stay current with the latest industry trends, threats, and technologies to ensure that the organization's cybersecurity measures are current and effective.
Requirements
Education/Experience Required
- Bachelor's degree in a related field such as Computer Science, IT or cybersecurity. Master’s degree in Information Systems or a related cybersecurity field preferred.
- At least 10 years of industry experience in Information Security and cybersecurity, with a minimum of 5 years in a leadership role over cybersecurity teams
- Security certifications greatly preferred (e.g., CISSP, CISM, CISA)
- Mastery level experience with security tools, technologies, hardware, software, and processes in the network, server and endpoint, applications and cloud infrastructure domains. This includes in-depth working knowledge of:
‒ Network security
‒ Endpoint security
‒ Application security and hands on experience mitigating application vulnerabilities and threats, such as SQL injection and cross-site scripting.
‒ Intrusion detection and prevention systems
‒ Encryption
‒ Antivirus software
‒ Incident response and management processes
‒ Penetration testing
‒ Vulnerability testing and management using Nessus or similar products.
‒ Security risk assessments
‒ Active Directory
‒ Data Loss Prevention
‒ Identity and access management approaches (e.g., Azure Active Directory, OKTA MFA, SSO)
‒ Office 365 security concepts, policies, settings, and practices
‒ Email security through Mimecast.
- Experience understanding and implementing regulatory requirements and industry standards related to IT and OT security, such as NERC CIP, the NIST cybersecurity and CIS Controls frameworks, SOC1/2, PCI, HIPAA, CCPA/GDPR or related security frameworks.
- Demonstrated ability to identify and mitigate security risks.
- Strong leadership and management skills, with the ability to mentor, motivate, and inspire a team.
- Excellent problem-solving and analytical skills
- Strong communication and interpersonal skills, with the ability to effectively communicate complex security concepts to both technical and non-technical stakeholders.
- Ability to work independently or as part of a team to manage multiple priorities and see tasks through to completion without significant guidance.
- Highly desirable skills include experience with:
‒ Power generation design, operations and maintenance as it relates to cybersecurity policies and practices.
‒ Support for power generation control systems
‒ KACE patching platforms
‒ Malwarebytes EDR/MDR platforms
‒ SumoLogic SIEM
‒ NERC CIP program support
‒ Ethical hacking
‒ Disaster recovery training and experience
‒ Scripting and source code programming languages that the cybersecurity team will be using.