Plymouth Rock Assurance Director of IT Security in Boston, Massachusetts
The Director of IT Security will identify and lead security initiatives for the enterprise. Supervise security engineering staff and take a hands-on approach to the planning, budgeting, coordination and implementation of the organization’s information technology and data security. Develop and carry out enterprise security strategy and best practices. Update policies and procedures in adherence with industry best security practices and regulatory compliance, including PCI compliance. Take proactive measures to keep the organization informed and safe.
· Proactively recommend and drive security enhancements to management.
· Establish, track and present key performance metrics to demonstrate continuous improvement.
· Integrate with peer groups and industry experts to benchmark our programs and results
· Staff monitoring, oversight, and administrative tasks
· Oversee and recommend strategies to respond to and recover from a security breach
· Educate the workforce on information security through training, newsletters, etc.
· Select, implement and manage software and services to protect the organization’s sensitive information.
· Participate in and manage infrastructure portions of projects in coordination with Project Managers.
· Work closely with application development teams to ensure secure coding standards/practices
· Participate in and evangelize a DevSecOps methodology
· Test security plans, products and control techniques
· Coordinate and monitor vulnerability scans, application and network penetration testing, risk assessments, tabletop exercises
· Work collaboratively with other technical teams to identify and remediate system and application vulnerabilities.
· Work with Internal Audit and other consultants as required
· Engage and participate in industry peer groups.
· Keep abreast of industry trends and apply to PRC.
· Perform vendor review to ensure compliance with industry and company security standards (SSAE-19, SOC2)
· Perform other job-related duties as assigned.
· Analytical skills
· Troubleshooting proficiency
· Working knowledge of PAM, SIEM, DLP, SSO, WAF and Email Threat Management Technology
· Advanced knowledge of PCI Security Standards
· Risk Management skills
· Working knowledge of one or more public cloud technologies (AWS, Azure, GCP) and information technology security in a hybrid cloud environment
· Methodical and meticulous work ethic
· Proficient with industry-wide security standards
· Proficient with network and application security tools and best practices
· Ability to process large amounts of information
· Perform and manage log monitoring
· Excellent verbal and written communication at all levels of the organization
· Ability to lead an investigation and perform forensic analysis
· Aggressively pursue risk mitigation strategies
· Demonstrate cross-functional team leadership
· Knowledge of NIST Cybersecurity Framework a plus
· 3+ years supervisory experience leading a security team
· CISSP Required
Job ID: 2021-2066
External Company Name: Plymouth Rock Assurance
External Company URL: www.prac.com/
Street: 695 Atlantic Ave