Director of Cybersecurity / Information Security

About The Position

Requirements

• Bachelor's degree (B.S.) from four-year college or university in Cybersecurity related discipline and 10+ years of directly related experience and/or training; or equivalent combination of education and experience.
• Strong oral and written communication abilities with management, employees and customers. Ability to formulate complex and comprehensive materials such as legal documents, authoritative reports, official publications of major scope and impact, etc., and/or to make formal presentations inside/outside of the company.
• Ability to compute, analyze, and interpret complex statistical data and/or to develop forecasts and computer models.
• Ability to analyze situations or data requiring an in-depth knowledge of organizational objectives.
• Ability to implement strategic policies when selecting methods, techniques, and evaluation criteria for obtaining results. Ability to establish and adhere to budgets, schedules, work plans, and performance requirements. Erroneous decisions will result in critical delay(s) in schedules and/or unit operations and may jeopardize overall business activities.
• Microsoft Office Suite.
• Support ticketing systems, change control methodologies and their importance to ITIL best practices.
• IT security concepts and application to ERP, Business systems, & applications.
• Firewall deployment, management and monitoring – i.e., FortiNet and related services
• Email protection SaaS management – i.e., Mimecast / Proofpoint.
• Experience with SIEM implementation and management – i.e, Windows Sentinel or Huntress.
• Experience interacting with government agencies – i.e., NASA, DoD.
• Effectively interacts with senior management or executives on matters concerning several functional areas, divisions, and/or customers.
• Requires the ability to change the thinking of, or gain acceptance from, others in sensitive situations, without damage to the relationship.
• Follows all import/export requirements, consulting with facility import/export personnel as required.
• To conform to U.S. Government space technology export regulations, including the International Traffic in Arms Regulations (ITAR) you must be a U.S. citizen, lawful permanent resident of the U.S., protected individual as defined by 8 U.S.C. 1324b(a)(3), or eligible to obtain the required authorizations from the U.S. Department of State.

Nice To Haves

• Certifications preferred but not required include CISSP, CISM, etc.

Responsibilities

• Develops and implements enterprise information security architectures and solutions.
• Serves as a security expert in application development, database design, network, and/or platform (operating system) efforts, helping project teams comply with enterprise and IT security policies, industry and government regulations, and best practices.
• Maintains security hardware and software/SaaS.
• Administers security policies to control physical and virtual access to systems.
• Researches, advocates and implements new technologies, architectures, and security products that will support security requirements for the enterprise and its customers, business partners, and vendors.
• Contributes to the development and maintenance of information security strategy and architecture across the enterprise.
• Analyzes business impact and exposure based on emerging security threats, vulnerabilities, and risks.
• Develops and executes security controls, defenses and countermeasures to intercept and prevent internal or external attacks or attempts to infiltrate company email, data, e-commerce and web-based systems.
• Researches attempted or successful efforts to compromise systems security and designs countermeasures.
• Provides information to management regarding the negative impact on the business caused by theft, destruction, alteration or denial of access to information and systems.
• Manages relationship and works effectively with third party information security vendors.
• Partners and communicates with Government agencies, including NASA, the Department of Defense (DoD) and other relevant agencies, on information security matters.
• Communicates security risks and solutions to business partners and IT staff as needed.
• Participates in annual Information Security training/fairs.
• Attends cybersecurity events and participates in other external cybersecurity activities to maintain up to date knowledge.
• Responds to emergencies and remediates information security incidents.
• Protected Data & Classification of Data – The position will be responsible for knowledge of government data protection requirements such as but not limited to NIST 800-53 (moderate & high), NIST 800-171, CMMC 2.0, Controlled Unclassified Information (CUI), Export controlled/ITAR regulations and subsequent execution or participating with team members in data protection strategies & implementations.
• Project Management - Plans and coordinates all aspects of internal cybersecurity-specific projects from initiation to delivery. Coordinates work performed by cybersecurity staff and internal customers/partners by defining project requirements, performing feasibility and needs/impact assessments. Develops detailed project plans and manages all implementation processes including resource allocation, progress tracking, monitoring change control process, testing, documentation, training and on-time delivery within budget constraints.
• Develop Cybersecurity protection roadmap and steps to implementation.
• Daily availability to include evenings and weekends when necessary to reach goals and deadlines.

Benefits

• Voyager offers a comprehensive, total compensation package, which includes competitive salary, a discretionary annual bonus plan, paid time off (PTO), a comprehensive health benefit package, retirement savings, wellness program, and various other benefits.