Home 
How Blumble Works 
Search Algorithm 
Your Privacy 
About 
Facebook
Twitter
Blog
security
Security.org is a comprehensive online resource dedicated to providing users with valuable information regarding home security and safety. With a mission to educate and empower individuals to protect themselves and their loved ones, the website offers a wide range of articles, reviews, and guides related to home security systems, surveillance cameras, smart locks, and more. Their expert team thoroughly researches and analyzes various products and technologies to ensure that readers make informed decisions when it comes to safeguarding their homes. Additionally, Security.org covers topics such as cybersecurity, identity theft prevention, and personal safety, making it a reliable and trusted source for all things security-related.
-
EncryptedSite is Encrypted
-
CountryHosted in United States
-
Latitude\Longitude37.751 / -97.822 Google Map
-
Traffic rank#21,461 Site Rank
-
Site age29 yrs old
-
Site Owner informationWhois info
Website is Safe
Site is not blacklisted
Traffic rank
#21,461
#21,461
Site age
29 yrs
29 yrs
Location
United States
United States
Popular Questions for security
Newest job postings for security
via BeBee
posted_at: 17 hours agoschedule_type: Full-time
Location
At GoDaddy, the future of work looks different for each team. Some teams work in the office full-time; others have a hybrid arrangement (they work remotely some days and in the office somedays), and some work entirely remotely...
This is a remote position, so you'll be working remotely from your home. You may occasionally visit a GoDaddy office to meet with your team for events or offsites.
This position is not eligible to be performed
Location
At GoDaddy, the future of work looks different for each team. Some teams work in the office full-time; others have a hybrid arrangement (they work remotely some days and in the office somedays), and some work entirely remotely...
This is a remote position, so you'll be working remotely from your home. You may occasionally visit a GoDaddy office to meet with your team for events or offsites.
This position is not eligible to be performed in Alaska, Mississippi, North Dakota, or the Virgin Islands.
Join Our Team
GoDaddy's Information Security Org is looking for a Director to join our organization. Do you want to be an Information Security Leader at GoDaddy? Can you solve large-scale and cross-company issues, while ensuring that partnership with the development and operational communities remains front of mind? The ideal candidate will apply their hands-on technical skills, strong leadership abilities, and an eagerness to build enterprise-wide security risk assessment programs. You must be comfortable with communicating with stakeholders, performing security assessments, prioritizing security risks, and creating/presenting high-quality deliverables.
What you'll get to do...
• Build and manage an enterprise-wide security risk assessment program.
• Join forces with SRE and development teams to find new and creative ways to reduce the occurrence of vulnerabilities at scale.
• Review quality issues and work towards detecting security flaws, both obvious and discrete.
• Assist with scoping prospective projects, participating in projects from kickoff through "definition of done" via end-to-end ownership.
• Manage a team of security professionals performing security assessments.
• Launch campaigns to perform risk assessments and help mitigate security risks across the company.
Your experience should include...
• 7+ years of progressive security risk management experience with expertise in multiple security domains such as Security Architecture, Cryptography, Network Security, Cloud Security, Mobile Security, Compliance, and Web Security.
• Experience in Secure Development Lifecycle and Shift Left with a Security by Design methodology.
• Experience with building and/or managing security risk management programs.
• Problem-solver with excellent communication skills, and a deep technical understanding of security risk assessments and risk management.
You might also have...
• Bachelor's degree in Computer Science or related field.
• Master's degree or Ph.D. in Computer Science or a related field
• Industry-recognized security certifications from organizations such as ISACA, ISC^2, SANS, Offensive Security, etc.
We've got your back... We offer a range of benefits that may include paid time off, retirement savings (e.g., 401k, pension schemes), incentive eligibility, equity grants, participation in an employee stock purchase plan, and other family-friendly benefits including parental leave. GoDaddy's benefits vary based on individual role and location and can be reviewed in more detail during the interview process.
We also embrace our diverse culture and offer a range of Employee Resource Groups ( Culture ) . Have a side hustle? No problem. We love entrepreneurs Most importantly, come as you are and make your own way.
About us... GoDaddy is empowering everyday entrepreneurs around the world by providing the help and tools to succeed online, making opportunity more inclusive for all. GoDaddy is the place people come to name their idea, build a professional website, attract customers, sell their products and services, and manage their work. Our mission is to give our customers the tools, insights, and people to transform their ideas and personal initiative into success. To learn more about the company, visit About Us .
At GoDaddy, we know diverse teams build better products-period. Our people and culture reflect and celebrate that sense of diversity and inclusion in ideas, experiences and perspectives. But we also know that's not enough to build true equity and belonging in our communities. That's why we prioritize integrating diversity, equity, inclusion and belonging principles into the core of how we work every day-focusing not only on our employee experience, but also our customer experience and operations. It's the best way to serve our mission of empowering entrepreneurs everywhere, and making opportunity more inclusive for all. To read more about these commitments, as well as our representation and pay equity data, check out our Diversity and Pay Parity annual report which can be found on our Diversity Careers page .
GoDaddy is proud to be an equal opportunity employer . GoDaddy will consider for employment qualified applicants with criminal histories in a manner consistent with local and federal requirements. Refer to our full EEO policy here ( ).
Our recruiting team is available to assist you in completing your application. If they could be helpful, please reach out to
GoDaddy doesn't accept unsolicited resumes from recruiters or employment agencies.
Job ID R018483
GoDaddy's compensation is local to where you are and may vary based on an individual's qualifications at the time of the offer. The anticipated annual base salary ranges for select locations are listed below:
• California Bay Area, Santa Clara, San Francisco: $200000.00 - $300000.00
• Seattle, New York City: $188000.00 - $282000.00
• Los Angeles, San Diego: $168000.00 - $252000.00
• California State, Washington State, Colorado State: $160000.00 - $240000.00 Show more details...
At GoDaddy, the future of work looks different for each team. Some teams work in the office full-time; others have a hybrid arrangement (they work remotely some days and in the office somedays), and some work entirely remotely...
This is a remote position, so you'll be working remotely from your home. You may occasionally visit a GoDaddy office to meet with your team for events or offsites.
This position is not eligible to be performed in Alaska, Mississippi, North Dakota, or the Virgin Islands.
Join Our Team
GoDaddy's Information Security Org is looking for a Director to join our organization. Do you want to be an Information Security Leader at GoDaddy? Can you solve large-scale and cross-company issues, while ensuring that partnership with the development and operational communities remains front of mind? The ideal candidate will apply their hands-on technical skills, strong leadership abilities, and an eagerness to build enterprise-wide security risk assessment programs. You must be comfortable with communicating with stakeholders, performing security assessments, prioritizing security risks, and creating/presenting high-quality deliverables.
What you'll get to do...
• Build and manage an enterprise-wide security risk assessment program.
• Join forces with SRE and development teams to find new and creative ways to reduce the occurrence of vulnerabilities at scale.
• Review quality issues and work towards detecting security flaws, both obvious and discrete.
• Assist with scoping prospective projects, participating in projects from kickoff through "definition of done" via end-to-end ownership.
• Manage a team of security professionals performing security assessments.
• Launch campaigns to perform risk assessments and help mitigate security risks across the company.
Your experience should include...
• 7+ years of progressive security risk management experience with expertise in multiple security domains such as Security Architecture, Cryptography, Network Security, Cloud Security, Mobile Security, Compliance, and Web Security.
• Experience in Secure Development Lifecycle and Shift Left with a Security by Design methodology.
• Experience with building and/or managing security risk management programs.
• Problem-solver with excellent communication skills, and a deep technical understanding of security risk assessments and risk management.
You might also have...
• Bachelor's degree in Computer Science or related field.
• Master's degree or Ph.D. in Computer Science or a related field
• Industry-recognized security certifications from organizations such as ISACA, ISC^2, SANS, Offensive Security, etc.
We've got your back... We offer a range of benefits that may include paid time off, retirement savings (e.g., 401k, pension schemes), incentive eligibility, equity grants, participation in an employee stock purchase plan, and other family-friendly benefits including parental leave. GoDaddy's benefits vary based on individual role and location and can be reviewed in more detail during the interview process.
We also embrace our diverse culture and offer a range of Employee Resource Groups ( Culture ) . Have a side hustle? No problem. We love entrepreneurs Most importantly, come as you are and make your own way.
About us... GoDaddy is empowering everyday entrepreneurs around the world by providing the help and tools to succeed online, making opportunity more inclusive for all. GoDaddy is the place people come to name their idea, build a professional website, attract customers, sell their products and services, and manage their work. Our mission is to give our customers the tools, insights, and people to transform their ideas and personal initiative into success. To learn more about the company, visit About Us .
At GoDaddy, we know diverse teams build better products-period. Our people and culture reflect and celebrate that sense of diversity and inclusion in ideas, experiences and perspectives. But we also know that's not enough to build true equity and belonging in our communities. That's why we prioritize integrating diversity, equity, inclusion and belonging principles into the core of how we work every day-focusing not only on our employee experience, but also our customer experience and operations. It's the best way to serve our mission of empowering entrepreneurs everywhere, and making opportunity more inclusive for all. To read more about these commitments, as well as our representation and pay equity data, check out our Diversity and Pay Parity annual report which can be found on our Diversity Careers page .
GoDaddy is proud to be an equal opportunity employer . GoDaddy will consider for employment qualified applicants with criminal histories in a manner consistent with local and federal requirements. Refer to our full EEO policy here ( ).
Our recruiting team is available to assist you in completing your application. If they could be helpful, please reach out to
GoDaddy doesn't accept unsolicited resumes from recruiters or employment agencies.
Job ID R018483
GoDaddy's compensation is local to where you are and may vary based on an individual's qualifications at the time of the offer. The anticipated annual base salary ranges for select locations are listed below:
• California Bay Area, Santa Clara, San Francisco: $200000.00 - $300000.00
• Seattle, New York City: $188000.00 - $282000.00
• Los Angeles, San Diego: $168000.00 - $252000.00
• California State, Washington State, Colorado State: $160000.00 - $240000.00 Show more details...
via Science Jobs
schedule_type: Full-time
Job Description Summary:
Secure the enterprise cloud infrastructure and perform ongoing enterprise information security threat monitoring and remediation, including monitoring and detecting malicious activity. Contribute to the design and development of the Azure and Microsoft 365 security architecture for data and infrastructure. Influence the security vision and strategy around cloud-based... applications (including Infrastructure, Platform, and
Job Description Summary:
Secure the enterprise cloud infrastructure and perform ongoing enterprise information security threat monitoring and remediation, including monitoring and detecting malicious activity. Contribute to the design and development of the Azure and Microsoft 365 security architecture for data and infrastructure. Influence the security vision and strategy around cloud-based... applications (including Infrastructure, Platform, and Software as a Service (IaaS/PaaS/SaaS)). Align cloud security strategy with business goals. Aid in the prevention of data thefts, unwanted deletion of data, and data breach incidents.
The ideal candidate will be familiar with a variety of cloud security concepts, practices, and procedures, and rely on experience and judgment to plan and accomplish goals.
The anticipated hiring salary range: $95k - $100k
COMPREHENSIVE BENEFITS PACKAGE:
Health coverage on day one, dental, vision, employer paid life, LTD, flexible benefits plan, miscellaneous voluntary plans available, paid vacation and sick (accruing upon hire), paid holidays, paid discretionary day, paid bereavement leave, paid jury duty leave, military leave, paid parental leave, retirement plan.
Job Description:
The Cloud Security Engineer (CSE) will secure the enterprise cloud infrastructure and perform ongoing enterprise information security threat monitoring and remediation. The CSE will contribute to the design and development of the Azure and Microsoft 365 security architecture for data and infrastructure. The CSE will influence the security vision and strategy around cloud-based applications (including Infrastructure, Platform, and Software as a Service (IaaS/PaaS/SaaS)).
The CSE will aid in the prevention of data thefts, unwanted deletion of data, and data breach incidents and will oversee the strategic, operational, and tactical aspects of cloud security.
The CSE’s responsibility will also include monitoring and detecting malicious activity once the system is deployed.
The CSE will be responsible for aligning cloud security strategy with business goals and working towards finding the optimum balance between information security risks and controls while enabling the business.
Key Roles and Responsibilities:
Identify and Implement:
Identify and mitigate cloud security risks, threats or weaknesses within the existing cloud infrastructure and solutions.
Recommend investments in solutions or changes in work processes that enhance cloud security.
Involvement with the implementation and advancement of a continuous monitoring environment and security controls related to cloud risk.
Involvement in the implementation and advancement of KUMC’s adverse incident response plan.
Based on business requirements, design, develop, and implement cloud-native security architectures and designs that allow those requirements to be met with a minimal degree of risk and with appropriate security controls present.
Analysis/Actions:
Identify cloud security design gaps in existing and proposed architectures and recommend changes or enhancements.
Perform root cause and impact analysis of events that may be a risk to KUMC’s cloud environment.
Conduct postmortem reviews of adverse incidents related to KUMC’s cloud environment, to ensure that actions are appropriate, gaps are identified, and procedures are updated and understood by team members.
Develop and maintain cloud security strategy and architecture which aligns with business goals.
Documentation:
Create documentation on specific remediation steps to close vulnerabilities or mitigate risk to acceptable levels.
Create technical documentation so other team members or peers may use for reference.
Develop and maintain cloud security architecture artifacts (e.g., baselines, models, templates, standards, and procedures) to be used to leverage cloud security capabilities in projects and operations.
Revise and/or update documentation and artifacts to identify and address newly emerging tactics, trends, and techniques.
Compliance / Policy / Process
In conjunction with the Office of Compliance, monitor and assure compliance that is related to federal and state laws and regulations, and University policies and practices.
Develop and implement audit plans for assessing cloud security risks within the KUMC community.
Demonstrated level of integrity and judgment concerning privacy issues, and the ability to maintain a well-reasoned, objective, and independent point of view.
Contribute to the annual employee information security compliance training.
Communicate/Collaborate:
Represent Information Security as a senior technical representative while engaging with other senior technical leaders throughout organization in design and implementation of cloud and cloud/hybrid-based implementations and solutions, including the external teams at Kansas University and the University of Kansas Health System.
Provide detailed cloud security consulting and reporting to executives, clients, business owners, and technical experts across the enterprise.
Establish and maintain effective partnerships with the various teams and KUMC communities, to evangelize and educate about cloud security priorities, methodologies, awareness, and compliance across the organization.
Lead or participate in related committees and coordinate security efforts across the organization to identify key cloud security initiatives and standards.
Coordinates with enterprise architects and information architects to ensure new cloud services align to roadmaps and to understand the impact on the organization’s information architecture.
Other tasks and responsibilities on an ad-hoc or project basis.
Required Qualifications
Graduation from a four-year college or university with a degree or major course work in computer science, telecommunications, networking, engineering, or other related technical fields. Four-year degree can be substituted with eight years of experience.
Seven years of progressive work experience in information technology
4 years’ experience with information security
3 years’ experience utilizing and securing Microsoft Azure cloud computing or Microsoft 365 environments.
Experience with managing and implementing technical solutions that require involvement from multiple team members across the organization.
Certified Cloud Security Professional (CCSP) or similar Cloud certification (candidates not certified will be expected to achieve certification within 12 months of hire).
Must be available for 24/7 on call-support.
Preferred Qualifications
Master’s degree in a related technical area.
Related work experience in a higher education or academic health organization.
Knowledge of and experience implementing technical aspects of compliance standards
egulations such as HIPAA, Gramm-Leach-Bliley, PCI DSS, etc.
Knowledge of and experience implementing an information security framework based on either ISO 17799, NIST 800-30, CObIT, etc.
3 years’ experience utilizing and securing other cloud computing environments. (Ex: AWS and GCP)
Experience with DevSecOps and application security Show more details...
Secure the enterprise cloud infrastructure and perform ongoing enterprise information security threat monitoring and remediation, including monitoring and detecting malicious activity. Contribute to the design and development of the Azure and Microsoft 365 security architecture for data and infrastructure. Influence the security vision and strategy around cloud-based... applications (including Infrastructure, Platform, and Software as a Service (IaaS/PaaS/SaaS)). Align cloud security strategy with business goals. Aid in the prevention of data thefts, unwanted deletion of data, and data breach incidents.
The ideal candidate will be familiar with a variety of cloud security concepts, practices, and procedures, and rely on experience and judgment to plan and accomplish goals.
The anticipated hiring salary range: $95k - $100k
COMPREHENSIVE BENEFITS PACKAGE:
Health coverage on day one, dental, vision, employer paid life, LTD, flexible benefits plan, miscellaneous voluntary plans available, paid vacation and sick (accruing upon hire), paid holidays, paid discretionary day, paid bereavement leave, paid jury duty leave, military leave, paid parental leave, retirement plan.
Job Description:
The Cloud Security Engineer (CSE) will secure the enterprise cloud infrastructure and perform ongoing enterprise information security threat monitoring and remediation. The CSE will contribute to the design and development of the Azure and Microsoft 365 security architecture for data and infrastructure. The CSE will influence the security vision and strategy around cloud-based applications (including Infrastructure, Platform, and Software as a Service (IaaS/PaaS/SaaS)).
The CSE will aid in the prevention of data thefts, unwanted deletion of data, and data breach incidents and will oversee the strategic, operational, and tactical aspects of cloud security.
The CSE’s responsibility will also include monitoring and detecting malicious activity once the system is deployed.
The CSE will be responsible for aligning cloud security strategy with business goals and working towards finding the optimum balance between information security risks and controls while enabling the business.
Key Roles and Responsibilities:
Identify and Implement:
Identify and mitigate cloud security risks, threats or weaknesses within the existing cloud infrastructure and solutions.
Recommend investments in solutions or changes in work processes that enhance cloud security.
Involvement with the implementation and advancement of a continuous monitoring environment and security controls related to cloud risk.
Involvement in the implementation and advancement of KUMC’s adverse incident response plan.
Based on business requirements, design, develop, and implement cloud-native security architectures and designs that allow those requirements to be met with a minimal degree of risk and with appropriate security controls present.
Analysis/Actions:
Identify cloud security design gaps in existing and proposed architectures and recommend changes or enhancements.
Perform root cause and impact analysis of events that may be a risk to KUMC’s cloud environment.
Conduct postmortem reviews of adverse incidents related to KUMC’s cloud environment, to ensure that actions are appropriate, gaps are identified, and procedures are updated and understood by team members.
Develop and maintain cloud security strategy and architecture which aligns with business goals.
Documentation:
Create documentation on specific remediation steps to close vulnerabilities or mitigate risk to acceptable levels.
Create technical documentation so other team members or peers may use for reference.
Develop and maintain cloud security architecture artifacts (e.g., baselines, models, templates, standards, and procedures) to be used to leverage cloud security capabilities in projects and operations.
Revise and/or update documentation and artifacts to identify and address newly emerging tactics, trends, and techniques.
Compliance / Policy / Process
In conjunction with the Office of Compliance, monitor and assure compliance that is related to federal and state laws and regulations, and University policies and practices.
Develop and implement audit plans for assessing cloud security risks within the KUMC community.
Demonstrated level of integrity and judgment concerning privacy issues, and the ability to maintain a well-reasoned, objective, and independent point of view.
Contribute to the annual employee information security compliance training.
Communicate/Collaborate:
Represent Information Security as a senior technical representative while engaging with other senior technical leaders throughout organization in design and implementation of cloud and cloud/hybrid-based implementations and solutions, including the external teams at Kansas University and the University of Kansas Health System.
Provide detailed cloud security consulting and reporting to executives, clients, business owners, and technical experts across the enterprise.
Establish and maintain effective partnerships with the various teams and KUMC communities, to evangelize and educate about cloud security priorities, methodologies, awareness, and compliance across the organization.
Lead or participate in related committees and coordinate security efforts across the organization to identify key cloud security initiatives and standards.
Coordinates with enterprise architects and information architects to ensure new cloud services align to roadmaps and to understand the impact on the organization’s information architecture.
Other tasks and responsibilities on an ad-hoc or project basis.
Required Qualifications
Graduation from a four-year college or university with a degree or major course work in computer science, telecommunications, networking, engineering, or other related technical fields. Four-year degree can be substituted with eight years of experience.
Seven years of progressive work experience in information technology
4 years’ experience with information security
3 years’ experience utilizing and securing Microsoft Azure cloud computing or Microsoft 365 environments.
Experience with managing and implementing technical solutions that require involvement from multiple team members across the organization.
Certified Cloud Security Professional (CCSP) or similar Cloud certification (candidates not certified will be expected to achieve certification within 12 months of hire).
Must be available for 24/7 on call-support.
Preferred Qualifications
Master’s degree in a related technical area.
Related work experience in a higher education or academic health organization.
Knowledge of and experience implementing technical aspects of compliance standards
egulations such as HIPAA, Gramm-Leach-Bliley, PCI DSS, etc.
Knowledge of and experience implementing an information security framework based on either ISO 17799, NIST 800-30, CObIT, etc.
3 years’ experience utilizing and securing other cloud computing environments. (Ex: AWS and GCP)
Experience with DevSecOps and application security Show more details...
via LMI - ICIMS
posted_at: 13 days agoschedule_type: Full-time
Overview
LMI is a consultancy dedicated to powering a future-ready, high-performing government, drawing from expertise in digital and analytic solutions, logistics, and management advisory services. We deliver integrated capabilities that incorporate emerging technologies and are tailored to customers’ unique mission needs, backed by objective research and data analysis. Founded in 1961 to help... the Department of Defense resolve complex logistics
Overview
LMI is a consultancy dedicated to powering a future-ready, high-performing government, drawing from expertise in digital and analytic solutions, logistics, and management advisory services. We deliver integrated capabilities that incorporate emerging technologies and are tailored to customers’ unique mission needs, backed by objective research and data analysis. Founded in 1961 to help... the Department of Defense resolve complex logistics management challenges, LMI continues to enable growth and transformation, enhance operational readiness and resiliency, and ensure mission success for federal civilian and defense agencies.
The LMI Chief Information Security Officer (CISO) will be responsible for implementing and running the enterprise Cybersecurity program from strategy to implementation to thought leadership. This will involve identifying, evaluating, and reporting on legal and regulatory, IT, and cybersecurity risks and information assets while supporting and advancing business objectives. The CISO position requires a visionary leader with sound knowledge of Federal government contractor business management and a working knowledge of cybersecurity technologies covering the corporate network as well as the broader digital ecosystem. He or she will proactively work with the CIO, business units and stakeholders to implement practices that meet agreed-on policies and standards for information security.
Responsibilities
• Develops an information security vision and strategy that is aligned to organizational priorities and enables and facilitates the organization's business objectives, and ensures senior stakeholder buy-in and mandate
• Develops and enhances an up-to-date information security management framework based on, but not limited to, the following: International Organization for Standardization (ISO) 2700X, ITIL, ENISA, ISA-62443, COBIT/Risk IT, CMMC, and National Institute of Standards and Technology (NIST) Cybersecurity Framework.]
• Coordinates the development and implementation of incident response plans and procedures to ensure that business-critical services are recovered in the event of a security event; provides direction, support, and in-house consulting in these areas
• Collaborates with IT, cloud, and engineering teams to design and implement security controls that enable cost-effective business initiatives and reduce risk in our products and applications.
• Manages the cost-efficient information security organization, consisting of direct reports and dotted line reports (such as individuals in business continuity and IT operations). This includes hiring, training, staff development, performance management, and annual performance reviews
• Liaises with external entities, such as Federal customers and other advisory bodies, as necessary, to ensure that the organization maintains a strong security posture and is kept well abreast of the relevant threats identified by these agencies.
• Tracks the evolving status of CMMC and ensures the enterprise is ahead of and compliant with evolving requirements as they become codified and finalized.
Qualifications
• Demonstrated experience and success in senior leadership roles in information security, risk management, and IT or OT security.
• Knowledge of information security management frameworks, such as ISO/IEC 27001, ITIL, COBIT as well as those from NIST, including 800-53 and Cybersecurity Framework.
• Demonstrated experience leading support and response to external security audits.
• Degree in a STEM field (business IT related program), or equivalent work- or education-related experience.
Preferred Qualifications:
• Graduate degree in a STEM field, or an IT Security or Cybersecurity program.
• Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Control(CRISC) or other similar credentials.
• Experience establishing a Cyber Supply Chain Risk Management program.
• Previous experience as a corporate CISO or head of a Cybersecurity practice.
• TS/SCI with Full Scope Polygraph (or, if not, then TS/SCI with CI Polygraph).
• Experience maintaining IL6, SCIF, and SAP environments.
• Demonstrated ability to lead and motivate even when only "dotted line" reporting lines exist Show more details...
LMI is a consultancy dedicated to powering a future-ready, high-performing government, drawing from expertise in digital and analytic solutions, logistics, and management advisory services. We deliver integrated capabilities that incorporate emerging technologies and are tailored to customers’ unique mission needs, backed by objective research and data analysis. Founded in 1961 to help... the Department of Defense resolve complex logistics management challenges, LMI continues to enable growth and transformation, enhance operational readiness and resiliency, and ensure mission success for federal civilian and defense agencies.
The LMI Chief Information Security Officer (CISO) will be responsible for implementing and running the enterprise Cybersecurity program from strategy to implementation to thought leadership. This will involve identifying, evaluating, and reporting on legal and regulatory, IT, and cybersecurity risks and information assets while supporting and advancing business objectives. The CISO position requires a visionary leader with sound knowledge of Federal government contractor business management and a working knowledge of cybersecurity technologies covering the corporate network as well as the broader digital ecosystem. He or she will proactively work with the CIO, business units and stakeholders to implement practices that meet agreed-on policies and standards for information security.
Responsibilities
• Develops an information security vision and strategy that is aligned to organizational priorities and enables and facilitates the organization's business objectives, and ensures senior stakeholder buy-in and mandate
• Develops and enhances an up-to-date information security management framework based on, but not limited to, the following: International Organization for Standardization (ISO) 2700X, ITIL, ENISA, ISA-62443, COBIT/Risk IT, CMMC, and National Institute of Standards and Technology (NIST) Cybersecurity Framework.]
• Coordinates the development and implementation of incident response plans and procedures to ensure that business-critical services are recovered in the event of a security event; provides direction, support, and in-house consulting in these areas
• Collaborates with IT, cloud, and engineering teams to design and implement security controls that enable cost-effective business initiatives and reduce risk in our products and applications.
• Manages the cost-efficient information security organization, consisting of direct reports and dotted line reports (such as individuals in business continuity and IT operations). This includes hiring, training, staff development, performance management, and annual performance reviews
• Liaises with external entities, such as Federal customers and other advisory bodies, as necessary, to ensure that the organization maintains a strong security posture and is kept well abreast of the relevant threats identified by these agencies.
• Tracks the evolving status of CMMC and ensures the enterprise is ahead of and compliant with evolving requirements as they become codified and finalized.
Qualifications
• Demonstrated experience and success in senior leadership roles in information security, risk management, and IT or OT security.
• Knowledge of information security management frameworks, such as ISO/IEC 27001, ITIL, COBIT as well as those from NIST, including 800-53 and Cybersecurity Framework.
• Demonstrated experience leading support and response to external security audits.
• Degree in a STEM field (business IT related program), or equivalent work- or education-related experience.
Preferred Qualifications:
• Graduate degree in a STEM field, or an IT Security or Cybersecurity program.
• Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Control(CRISC) or other similar credentials.
• Experience establishing a Cyber Supply Chain Risk Management program.
• Previous experience as a corporate CISO or head of a Cybersecurity practice.
• TS/SCI with Full Scope Polygraph (or, if not, then TS/SCI with CI Polygraph).
• Experience maintaining IL6, SCIF, and SAP environments.
• Demonstrated ability to lead and motivate even when only "dotted line" reporting lines exist Show more details...
Norton safe Web