Head of Cybersecurity Architecture and Engineering

About The Position

Requirements

• Ten (10+) years of cyber security architecture and engineering leadership experience.
• Previous leadership experience in medium sized to large teams.
• Knowledge of cybersecurity governance, design, and operations.
• Strong ability to communicate via written and verbal communication in both formal and casual situations.
• Ability to effectively communicate technical information and translate it between stakeholders.
• Experience managing teams and vendors, driving SLAs
• Experience with managing security with SaaS providers.

Nice To Haves

• Self-starter who takes ownership and responsibility for prudent service delivery.
• Works independently with minimal guidance to drive projects to completion, while also working collaboratively with the team to achieve strategic goals.
• Professional, clear, and concise verbal and written communication to internal customers, subject matter experts, upper management and other audiences.
• A collaborative team player who will solicit and offer input and support decision-making.
• Position requires access to sensitive confidential material; Integrity and discretion are mandatory.
• Comfortable working in a continuously changing, fast-pace environment - balancing multiple priorities, special projects, and other activities.

Responsibilities

• Manage vendor teams and drive discussions with various project teams, developers, and operations teams to ensure compliance with security guidelines and standards.
• Experience with cyber security implementations within a major Cloud operating environment.
• Experience developing cyber defense strategy including multiple layers of defense.
• Knowledge of cybersecurity governance, design, and operations.
• Experience and Expertise in Information Security and architecture designing Secure architecture patterns.
• Experience in multi cloud security architecture. Primary focus in Azure.
• Experience leading strategy and roadmap of capabilities from security architecture perspective.
• Drive security controls with information security standards such as: NIST CSF, SOX, SOC2, and CIS Controls.
• Strong background in cyber security controls frameworks and regulatory requirements including NIST 800-53, NIST CSF, CSA CCM, SOX, and Privacy regulations.
• Lead the design of security controls for business solutions including the design of application-level access and entitlement management, data tenancy and isolation, encryption, and logging.
• Expertise in Database and Management technologies including both relational and NoSQL DBs.
• Expertise in AWS Data Migration Service and Test Data management frameworks including encryption, masking, data and database migration.
• Skilled in Identity and Secrets Management, Logging and Monitoring, Application Security and Vulnerability Management and Threat Detection and Response.
• Skilled in DevSecops & CI/CD framework and tools.

Benefits

• Eligible full-time teammates enjoy access to medical, dental, vision, life, disability, and AD&D insurance; tax-advantaged savings accounts; and a 401(k) plan with company match.
• CRC Group also offers generous paid time off programs, including company holidays, vacation and sick days, new parent leave, and more.
• Eligible positions may also qualify for restricted stock units and/or a deferred compensation plan.