Director, Information Security

In This Role, You Will:

• The Director of Information Security reports to the VP of Solutions & Security and is responsible for the upkeep of existing design and additional implementation of security efforts to protect Pryon and its core product and systems against intrusion and threats, cyber-attacks and data breaches both internal and external
• Complete management and triage of all exploits and vulnerabilities involving company equipment, SaaS applications in use by employees and proper updates along with coordination with IT Administration
• This role is responsible for the completeness of provisioning, deployment, configuration, and administration of Pryon’s information security systems, including security monitoring, endpoint protection, identity and access management, vulnerability management and incident response
• Design and drive security projects and initiatives, to ensure ongoing compliance with approved policies and regulatory requirements including SOC2, NIST, CMMC 2.0, ISO, and GDPR
• Assist in the architecture, implementation, management and enhancement of technical security capabilities – IPS/IDS, DLP, IAM, SIEM, etc.
• Monitor IDS alerts, suspicious emails, application logs, and system audit logs for anomalous activities. Analyze internal and external threats/vulnerabilities and coordinate appropriate remediation efforts with other internal stakeholders
• Provide security incidents and response support, as needed
• Develop and implement SIEM use cases, to support the monitoring of Pryon’s infrastructure, and handle escalations with managed service providers
• Triage security tickets according to priority levels
• Prepare and maintain up to date documentation details, including standard operating procedures, of deployed technical solutions
• Actively manage the continuous integration/continuous delivery pipeline of correlation rules and use cases, including the design and development of threat models and building, testing and deployment of correlation rules or use cases on SIEM

Defining & Creating of Controls:

• Define security configuration and operations standards for security systems and applications, including policy assessment and compliance tools, network security appliances, and host-based security systems.
• Develops and validates baseline security configurations for operating systems, applications, and cloud infrastructure
• Incident Detection and Response: Provides second- and third-level support in the event of a security incident
• Participates in compliance reviews, as requested by internal or external auditor's
• Monitors daily or weekly reports and security logs for unusual events with our managed service provider.

Audit Support:

• Along with SOC2, ISO, NIST and GDPR framework standards you will receive audit findings, and manage the collection of responses and remediation plans with owners
• Provides oversight and management of audit finding remediation, including generating requirements for full remediation, providing feedback and suggestions on managerial responses to findings, and tracking progress and providing status and updates to the enterprise compliance team for reporting purposes
• Supports e-discovery processes to include identification, collection, preservation and processing of relevant data
• Maintains an awareness of existing and proposed security-standard-setting groups, state and federal legislation and regulations pertaining to information security. Identifies regulatory changes that will affect information security policy, standards and procedures, and recommends appropriate changes.

Information Security Architecture:

• Assists in the development of security architecture and security policies, principles and standards
• Participates in the enterprise architecture (EA) community, and provides strategic guidance during the EA process
• Researches, evaluates, designs, tests, recommends and plans the implementation of new or updated information security technologies.
• Researches and assesses new threats and security alerts, and recommends remedial actions.
• Provides guidance for security activities in the system development life cycle (SDLC) and application development efforts. Participates in organizational projects, as required.

What You'll Need to Be Successful:

• Minimum 5 years in Cybersecurity and Information Security leading and implementing security best practices for a major firm
• Hands on experience provisioning, configuring and securing systems and applications
• The role requires a blend of cybersecurity experience and highly developed communication skills to be a security expert, liaison and engineer for Pryon
• Strong working knowledge of security technologies (Intrusion Detection and Prevention Systems, Web Proxy, Antivirus, Security Information and Event Management (SIEMs), Endpoint Detection agents, etc.)
• Strong understanding of TCP/IP, MITRE ATT&CK, Kill Chain, Vulnerability Management and Networking principles
• Strong understanding of Secure SDLC, CI/CD pipeline monitoring and DevOpsSec principles
• Experience with Python scripting language for automation
• Experience with Apple, iOS computer and device operating systems, and cloud security fundamentals
• One or more  industry certifications like CISSP, Splunk Enterprise Security Certified Admin, Azure Security Engineer, MS Security Operations Analyst Associate
• National Initiative for Cybersecurity Education (NICE) competency proficiency levels of developing to proficient in leadership, operational, and professional, and proficient to advanced in technical