Consulting Director Security Eng
The Consulting Director, Security Engineering role is a high level individual contributor role that leads the execution and management of daily Security Engineering work in coordination with their infrastructure vendor. Serves as an an expert in various aspects of Security Engineering and is responsible for designing and implementing security infrastructure solutions approved by the Chief Information Security Officer (CISO) organization to support the overall business goals. The Director also manages projects (including external vendors) for end-to-end success as well as actively works with other IT groups and vendors on optimal strategy, execution, management, oversight and outcomes.
Essential Duties & Responsibilities
- Contributes and provides input into the strategy of the security engineering discipline.
- Researches, evaluates, designs, tests and recommends the implementation of new or improved information security infrastructure solutions, including identity & access management tools.
- Independently engineers, designs and oversees the building of fault tolerant, automated and highly resilient security infrastructure solutions.
- Guides and works with infrastructure vendor to create standards for monitoring tools, automate operational tasks and ensure robust reporting on overall security infrastructure status and health.
- Participates in investigations of suspected information security misuse or in compliance reviews as requested by the CISO organization or auditors
- Plans and develops security measures in the infrastructure area, in partnership with their infrastructure vendor and as directed by the CISO organization, to safeguard information against accidental or unauthorized modification, destruction or disclosure.
- Influences security measure decisions through advice and counsel
- Streamlines the usage of security technologies in a dynamic environment through automation and orchestration platforms, in partnership with their vendor partners while maintaining high level of security controls.
- Works with operations team and providers during major issues and day-to-day escalations as needed.
- Provides project leadership to large and technically difficult security engineering projects. The role will be accountable for security infrastructure design decisions and how easily the designs can be implemented.
- Works with vendor management to help negotiate and / or provide detailed analysis to acquire favorable contractual agreements with IT vendor partners.
- Ensures effective administration of, and compliance with, all internal processes, procedures, and controls.
Skills, Knowledge & Abilities
- Solid experience researching and consulting with key technology suppliers and industry experts to evaluate, select, install and configure security infrastructure solutions
- Extensive senior level knowledge of security technologies and of implementing infrastructure solutions to address compliance and security concerns
- Excellent project management skills and ability to organize and plan effectively to meet project goals.
- Excellent interpersonal and communication skills and the ability to work effectively with peers, vendor partners, IT management and assigned subordinates.
- Collaborates with teams to drive towards win-win scenarios.
- Successful track record in Infrastructure planning and budgeting and exposure to negotiating and determining appropriate outcomes with IT vendor partners.
- Acts with a sense of urgency and accountability while achieving quality results.
- Acts as a thought leader in researching and presenting innovative ways to solve complex infrastructure related issues, including working with IT vendor partners with root cause analysis and appropriate outcome attainment.
- Excellent knowledge and experience with IT Service Management concepts including all disciplines within an ITIL framework.
Education & Experience
- Bachelor’s Degree in Computer Science, Information Technology, or related work experience.
- Security Engineering background, with deep technical knowledge
- Typically a minimum of ten years in Information Technology experience utilizing security technologies — preferably in the insurance industry.
- Experience in a business-facing IT role or similar experience providing customer service for an IT service.
- Strong experience working with IT vendors and / or Managed Service Providers.
- Willingness and ability to lead and provide mentorship to other Infrastructure engineers.
- Security Engineering certifications preferred (e.g. CISSP, CISM, SANS, OSCP or similar).