IT Security Engineer Lead

Great Minds, a rapidly growing nonprofit developing world-class curricula for PK-12, seeks an IT Security Lead to join our dynamic, dedicated team. At Great Minds, we believe every child is capable of greatness. Our mission is to ensure all students have access to a quality education and the full range of liberal arts and sciences.  For additional information, please visit www.greatminds.org.

The IT Security Lead role is for an experienced and hands on engineer who can work in a fast-paced, service-oriented organization. We are expanding the Great Minds IT team and looking for someone with a start-up mentality, great at managing multiple priorities, has excellent problem solving skills with a strong IT security background.

You will coordinate the IT Security teams day-to-day operations to implement and manage security infrastructure, and to provide regular status and service-level reports to management. This role requires an individual with a strong technical background, as well as an ability to work with the IT organization and business management to align priorities and plans with key business objectives.

An ideal candidate will have hands-on skills supporting a Windows and Mac environment, and have broad range of experience using cloud tools (AWS, Okta, Jamf, Azure AD, O365, GSuite, Cylance, Zscaler, etc). We are seeking a self-starter, with a bias towards action, comfortable interacting with all levels of the organization. You will also be self-motivated, team-oriented and passionate about technology and bring a mindset of continuous improvement to IT security operations. 

Responsibilities

• Assist in planning, developing and implementing information security frameworks, policies, standards, and procedures
• Provides project management for small security projects and participates in IT projects across the business
• Manage security related production issues and incidents, and participate in the IT change management board
• Manage a staff of information security professionals
• Work with the technology teams to ensure that security requirements are properly incorporated into new IT solutions and design changes to existing systems
• Evaluate and partner with vendors to implement security solutions
• Develops and publishes metrics and dashboards demonstrating security posture and event activity
• Manage the day-to-day activities of threat and vulnerability management, recommend plans and communicate information about risk mitigation
• Provide expert guidance on security matters for other IT projects, as needed.
• Support the RFP review process
• Recommend and coordinate the implementation of technical controls to support and enforce defined security policies
• Provide technical and managerial expertise for the administration of security tools.
• Work cross-functionally with our business teams to ensure security vulnerabilities are properly understood, prioritized, remediation plans developed to address the risk, and remediated in a timely manner
• Be action-oriented, and take ownership of outstanding items and ensure delivery

Requirements

• 9+ years of IT experience, serving at least 5 years in an information security role and 2+ years in a supervisory capacity
• Security certifications, training, and experience with CMMC, NIST, and/or Cybersecurity Framework a plus
• A bachelor's degree in information systems or equivalent work experience
• Strong leadership skills and demonstrated ability to work effectively with business stakeholders, IT management teams, and IT staff
• Excellent verbal, written and interpersonal communication skills; ability to communicate effectively with IT management, infrastructure teams and software development and test teams
• Experience developing and maintaining policies, procedures, standards and guidelines
• Proficiency performing vulnerability assessments and managing projects
• A strong understanding of cloud security, operating system internals, and network protocols
• Demonstrated ability to explain standards and frameworks such as OWASP Top Ten, NIST 800-171, CIS Benchmarks, and more to technical and non-technical staff, developers, system/network administrators, and management
• Ability to work flexible schedules to meet job requirements
• Ability to drive or fly to various office locations

Location

• Washington DC (hybrid); or remote in EST

#li-remote