Lead, Information Security - Governance & Controls

About The Position

Requirements

• Bachelor of Computer Science or Engineering or experience in related fields
• Ability to manage your work and maintain priority focus with minimal guidance and effectively leverage diverse ideas, experiences and perspectives to the benefit of the organization
• Experience with agile development methodologies
• Knowledge of business concepts and information security tools and processes that are needed for making sound decisions in the context of the company's business
• Ability to learn new skills and knowledge on an on-going basis through self-initiative and tackling challenges
• Excellent problem solving, communication and collaboration skills
• Advanced experience and/or expertise with several of the following: NIST and ISO 27000 Standards
• Information Security Control Standards and Engineering Specifications
• Identity and Access Management specifically Microsoft Entra ID (Azure AD) group management and Zscaler ZTA onboarding workflows
• Working knowledge of edge infrastructure including firewalls, WAF's, proxy, advanced bot protection services to name a few.
• Experience with Zero Trust concepts and Zero Trust Network Access (ZTNA)
• International team collaboration, cross functional workflow execution

Nice To Haves

• Certified Information Systems Security Professional (CISSP)
• Cloud security certifications (AWS or Azure)
• (GSEC) (GIAC Security Essentials)
• (GWEB) Certified Web Application Defender

Responsibilities

• Execute request triage, risk treatment and application of compensating controls.
• Partner with other security professionals to strengthen the security of company data and assets by applying information and network security knowledge, mitigating controls, and lifecycle tracking.
• Explain difficult concepts and influence others when describing risk, compensating controls in the service decision making process.
• Work on extremely complex problems in which analysis of situations or data requires an evaluation of risk and controls.
• Guide the team in risk evaluation and exception triage results.
• Coach team members in agile process and ceremonies.
• Perform highly complex project and operational work, evaluating secure architecture against security requirements for assigned solutions and processes under the guidance of senior team members.
• Provide guidance to junior team members.
• Leverage knowledge of business and security systems/processes to identify risk and build strong / antifragile Information Security capabilities and improve tooling/processes to address these risks.
• Lead service delivery execution and guide junior team members in risk triage and exception processing, while partnering effectively with non-technical security advisors.
• Maintain service catalog documentation, standard operating procedures, and stakeholder communication artifacts (e.g., security briefs, one-pagers) that articulate service expectations, intake requirements, and governance principles to Security Advisors and cross functional teams.
• Coordinate cross functional teams in geographically disperse locations to execute daily service delivery operations for the network security request — including intake triage, risk assessment, and service delivery — while aligning to governance standards and escalating appropriately.
• Understand, measure and manage a services capacity vs. demand and the ability to prioritize work.

Benefits

• Market competitive base salaries, with a yearly bonus potential at every level .
• Medical, dental, vision, life insurance, disability insurance, Paid Time Off (PTO), and leave of absences, such as parental and military leave .
• 401(k) plan with company match (up to 4%).
• Company-funded pension plan.
• Wellness Programs including up to $1,600 a year for reimbursement of items purchased to support personal wellbeing needs.
• Work/Life Resources to help support topics such as parenting, housing, senior care, finances, pets, legal matters, education, emotional and mental health, and career development.
• Education Benefit to help finance traditional college enrollment toward obtaining an approved degree and many accredited certificate programs.
• Employee Stock Purchase Plan: Shares can be purchased at 85% of the lower of two prices (Beginning or End of the purchase period), after one year of service.