Head of Network and Information Security

JOB TITLE: Head of Network and Information Security

DEPARTMENT: Network Operations

REPORTS TO: VP of Development

PURPOSE:
We are seeking a talented and detail-oriented individual to join our team as a Talent Profile Specialist. In this role, you will be responsible for curating and updating employee profiles to effectively showcase their skills and experiences to potential clients. The ideal candidate will have a keen eye for detail, strong communication skills, and a proactive approach to aligning candidate profiles with client needs.

KEY RESPONSIBILTIES:

• Develop and implement comprehensive network and information security strategies, policies, and procedures to safeguard our systems and data assets.
• Oversee the configuration and management of network devices, servers, storage systems, and other infrastructure components to ensure they meet security standards and requirements.
• Conduct regular security assessments and audits to identify vulnerabilities, assess risks, and implement appropriate controls and countermeasures.
• Implement and maintain security controls and monitoring solutions to protect infrastructure assets from unauthorized access, data exfiltration, and other security threats.
• Stay abreast of emerging threats, vulnerabilities, and security technologies, and proactively recommend measures to mitigate risks and enhance security posture.
• Provide guidance and support to infrastructure teams on security-related matters, including security architecture design, risk assessment, and security tool selection and implementation.
• Implement and manage M365 security features, data protection policies, and access controls and provide security training to ensure a secure and compliant M365 environment.
• Develop and implement a comprehensive security strategy for our cloud environments, ensuring alignment with overall business objectives.
• Lead the design, implementation, and management of security architecture across Azure, AWS, and GCP platforms.
• Stay informed about emerging trends and best practices in infrastructure security, including software-defined networking (SDN), containerization, and zero-trust architecture, and evaluate their applicability to our environment.
• Respond to security incidents and breaches in a timely and effective manner, conducting thorough investigations, implementing remediation actions, and communicating with stakeholders as necessary.
• Lead and manage a team of security professionals, providing guidance, mentoring, and support to ensure the effective execution of security initiatives.
• Manage relationships with external vendors, partners, and regulatory authorities to ensure compliance with relevant security standards, regulations, and contractual obligations.
• Provide regular reports and updates to senior management on the status of network and information security initiatives, key metrics, and performance indicators.
• Collaborate with cross-functional teams to integrate security best practices into the design, development, and deployment of IT solutions and services.

QUALIFICATIONS, SKILLS AND EXPERIENCE:

• At least Bachelor's or Master's Degree in Computer Science, Information Security, or a related field.
• Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or equivalent certifications preferred.
• Extensive experience (15 years+) in network and information security roles, with a proven track record of designing and implementing effective security solutions in complex environments.
• In-depth knowledge of networking protocols and technologies, including TCP/IP, DNS, DHCP, VPN, VLANs, routing, and switching.
• Experience with virtualization technologies (e.g., VMware, Hyper-V, KVM), container orchestration platforms (e.g., Kubernetes), and cloud computing platforms (e.g., AWS, Azure, GCP).
• In-depth knowledge of security technologies, protocols, standards, and best practices, including but not limited to firewalls, intrusion detection/prevention systems, encryption, authentication, and access controls.
• Excellent analytical, problem-solving, and decision-making abilities, with a keen attention to detail and a proactive approach to identifying and addressing security risks.
• Effective communication and interpersonal skills, with the ability to articulate complex technical concepts to non-technical stakeholders and build consensus across different teams.
• Experience working in the IT industry and familiarity with relevant compliance requirements (e.g., GDPR, HIPAA) is a plus.
• Strong leadership and team management skills, with the ability to inspire and motivate a diverse team of security professionals.