Chief Information Security Officer to lead an information security function that defines the technology, policies, procedures and processes required to address the organization’s security needs and management of risk.
The Chief Information Security Officer will provide security services to and complement the information technology architecture while integrating with the business' global architecture. In this role, the CISO will provide leadership for the development and management of a secure corporate and global data center operation, ensure the integrity of information assets and business processing, and ensure compliance with relevant certifications and compliance initiatives.
Key Areas of Responsibility:
- Lead a global information security function, to include security operations, security architecture, and identity and access management;
- Work closely with business managers, audit and legal counsel to understand corporate requirements related to security and regulatory compliance;
- Lead as organizational subject matter expert in information security and multiple technical disciplines;
- Development and implement effective information security strategies, policies and procedures;
- Develops strong partnerships with business clients, application developers, software vendors and other technical resources;
- Define and perform an ongoing risk assessment program, which will define, identify, and classify critical assets, threats and vulnerabilities, and implement safeguards;
- Lead security projects and program development;
- Lead and develop application and network security assessment programs;
- Lead global incident response program and conduct complex security policy violation investigations;
- Monitor for inappropriate utilization of computer resources; and
- Assess reported security threats and weaknesses.
Excellent working knowledge of the following security areas desired:
- The position requires that the individual have a sense of urgency to address security risks;
- The individual must hold themselves to the highest levels of personal and professional integrity;
- Demonstrated ability to lead effectively in an ambiguous environment;
- Demonstrated ability to lead across geographical locations;
- The individual must be a subject matter expert in network security, security architecture and best practices, and application security;
- Strong knowledge of UNIX, Windows, and Apple Operating System vulnerabilities and secure configuration settings;
- Strong knowledge of threats and vulnerabilities associated with application and network security;
- Strong knowledge of the principles of implementation, operation and experience with security technology such as firewalls, multi-level security implementation, security assessments, monitoring, and profiling tools (e.g., IDS/IPS, SEIM, AV, etc…);
- Strong knowledge of incident response processes and programs;
- General knowledge of encryption techniques include key management;
- Strong knowledge of ISO 27001&2, PCI, SSAE 16;
- Strong oral and written communications skills;
- Strong analytical and problem solving skills and proactive thinking skills;
- Proactive thinking, analytical thinking and problem solving skills; and
- BS or advanced degree in computer science or related discipline preferred.
- Operating System Security (Windows, Apple, AIX, Linux);
- Internet Technologies (NNTP, Proxy, HTTP, HTTPS, HTLM, SSL, X.509);
- TCP/IP and networking;
- Intrusion Detection and Prevention products;
- Incident Response Management;
- Application and Network Security Assessments methodologies and tools;
- General Access Control Security (Active Directory and Unix Directory security);
- IPSEC and remote access technologies; and
- End Point Security products (i.e., Anti-virus, Malware, Hard Drive encryption).
- Ability to lead key proactive security programs and projects;
- Experience working in a global security operations role;
- Understanding and experience in application and network security assessment methodologies, tools, and techniques;
- Experience in implementing or operating global end-point security products (anti-virus, anti-malware, hard drive encryption, DLP, etc…);
- Incident Response Management and Computer Forensics a plus; and
- CISSP, SANS, and other security related certifications a plus.
- Bachelors or Master’s degree in computer science, management information systems, business administration or related discipline
Equal Employment Opportunity
We are an equal opportunity employer m/f/d/v.
At Verizon, our people are busy changing the world-tackling the toughest challenges in areas like Healthcare, Energy, Public Safety, and...