*Permanent full time role*
A prestigious company is on the search for a Manager Cyber Risk Architecture. This manager will have 4 direct reports and needs to have a broad sense of experience in cyber risk, enterprise security, infrastructure security, application security, IAM, and cloud. This manage must be highly technical with platform, storage, network, virtualization, cloud, and security frameworks.
RESPONSIBILITIES
Build and lead a team of senior enterprise security architects and engineers to:
Develop/maintain future state vision for reusable technical security and appropriate use enforcement platforms Create a risk-based investment roadmap; align the vision and roadmap with business desire to take advantage of emerging technologies (eg advanced data analytics, cloud-computing, mobility) Develop business cases for specific investment projects Collaborate closely with the enterprise IT architecture area in designing enterprise security architecture Design, build, and implement the platforms, and transitioning them to operations. Envision, define, design, implement, and continuously update a technical security control requirements model supporting enterprise information security policies and standards, enterprise technology strategy, enterprise technology architecture and patterns, information security industry best practices, emerging information security technologies, and ALL relevant laws and regulations (eg HIPAA, PCI, and others). Develop and lead an organizational capability to evaluate the architecture and design of existing and proposed information technology systems against the enterprise technical security control requirements model. Enable the organization to identify any gaps between specific technical security requirements and the architecture of a given system and provide detailed technical recommendations on appropriate design or architecture improvements. Build and lead a team of industry-recognized information security visionaries to partner with established and start-up vendors and help bring to market products and solutions that address emerging and anticipated challenges and opportunities in information security and IT risk management. Establish and sustain strong working relationships with the organization's customers and stakeholders. Establish and maintain strong working relationships with industry peers and other external stakeholders including industry organizations/consortia. Communicate the status and accomplishments of the organization's operational activities and projects to company's executive leaders, peers in the IT organization, customers and stakeholders. Partnering closely with the procurement and legal teams identify, select and actively manage the organization's suppliers, service providers and business partners. Instill and promote a strong results-oriented culture centered on business value creation, collaboration, commitment, merit-based recognition, personal development and external benchmarking. Promote the company's image as a leader in setting strategy and developing services and capabilities as compared to competitors and peers in other industries. Share leading practices and lessons learned in managing customer engagements, delivering services, and operating solutions with industry peers, other industries, professional consortia, and relevant government organizations. Align business requirements with company's desire to take advantage of emerging technologies (eg advanced data analytics, cloud-computing, mobility, machine learning, SaaS, etc.)QUALIFICATIONS
Minimum 5 years of senior leadership experience managing senior and principal security architects or other cross-functional IT discipline (eg IT architecture) in Fortune 100 size organizations. Minimum 3 years of experience in communicating with and presenting to executive business leaders and Boards of Directors. Proven track record of identifying, hiring and retaining the top 10% of talent in cyber security, survivable system engineering, and IT risk management resource markets. Experience in staffing, mentoring, coaching, and managing leadership teams consisting of multiple directors and senior managers. Experience working at a Big Four or equivalent advisory organization in support of multinational enterprises across several industries. Demonstrated track record of successfully developing and maturing cyber risk organizations with the emphasis on delivering results. Deep understanding of and prior hands-on experience in all major information security, appropriate use, and survivable system engineering functions and activities including policy setting, vulnerability/risk research, security/availability architecture, system security/survivability engineering, cyber risk operations. Track record of successfully executing profound organizational changes while maintaining support, buy-in and commitment from all stakeholders. Deep understanding of all applicable regulatory standards and requirements including HIPAA, NAIC ORSA, FISMA, NAIC MAR, and others. Demonstrated ability to influence business leadership and cross-functional teams. Proven track record of managing all aspects (scope, budget, schedule, quality) of cross-functional IT/business projects with $3M or larger budgets in Fortune 100 environments. Externally recognized information security and IT risk management industry thought leadership and innovation accomplishments.