Previous Job
Previous
IT Security Manager
Ref No.: 16-20052
Location: Dallas, Texas
 Immediate need for a talented IT Security Manager with experience in the IT Industry. This is a Full Time permanent opportunity and is located in Dallas TX . Please review the job description below and contact me ASAP if you are interested.

Job ID.: 16-20052 

Key Responsibilities:

Manager II, IT Security Operations

The. Manager II (Manager), IT Security Engineering will support the client cyber security program and is responsible leading and delivering a comprehensive approach to security engineering,  through the management of a mid-size team which will include corporate and plant engineers.
In the operations role, the Manager will lead a team of Security Engineering personnel to execute security operations requests, incidents, changes, and problems. The Manager will also drive NRC/NEI compliance control initiatives which includes monitoring, troubleshooting, and maintenance of plant security technology.

This candidate will report to the Director of Tech Services Security and be part of the client Tech Services Security team – located in downtown Dallas, TX. A minimum of  20% travel is required to other business unit facilities located throughout Texas, and is required to be available on weekends and evenings.

The primary responsibilities of the Technology Services Security Engineering Manager II position are:
• Management of the security engineering staff.
• Management and administration of staff responsible for security tools such as SIEM, vulnerability management/configuration management, malware detection, file integrity monitoring, multi-factor, web content filtering, and others. Maintain operational run books for security infrastructure/tools supported. Provide update to date asset management of security tools, and partners closely with IT management responsible for overall company asset management of devices.
• Develops and leads security engineers in the implementation and support of a wide array of security tools and technologies and must posse a background in Windows and Unix as well as switch, routers and firewalls.
• Serves as the escalation point for all security engineering, reviews all work product; and ensures efficiency and quality within the team.
• Evaluates various security alerts (vendors and other information sharing forums) and ranks remediation recommendations according to enterprise risk.  Participate as subject matter expert on the company’s threat roundtable reporting on emerging threats and the company’s vulnerability state.
• Contributes to the development and maintenance of the information security strategy - defense-in-depth program. Provides periodic metrics for the operations, threat and vulnerability management program to IT Security leadership.
• Delivers a leadership role in providing network and system security advice and risk analysis to business units who engage with the Information Security team.
• Supports the Business Continuity, Technology Services Risk, and Disaster Recovery functions. Assists in  keeping the Incident Response plan evergreen. Assists with exercises and training the incident response teams and participates in security incident response efforts by having an in-depth knowledge of common security exploits, vulnerabilities and countermeasures.  Acts as a technical consultant on information security incident investigations, and forensic technical analyses.
• Supports the Technology Services Security controls to meet the requirements of all regulatory requirements or contractual requirements; NACHA, PCI (Payment Card Industry) Security Standards, state and federal Privacy law, Sarbanes Oxley Act (SOX), and NERC, NEI, NRC, etc
• Supports Regulatory Compliance function, and provides evidence in Technology Servcies compliance activities in support of internal and/or external audits
• Partners with the Technology Services Security Architect staff, infrastructure personnel, and network and / or operations teams, to ensure the implemented technologies are integrated and fully utilized as intended in the protection of Company's assets.
• Communicates effectively at different levels within and outside the organization - leadership/management, business stakeholders, software vendors and sourcing suppliers.
• Develops and fosters strategic relationships and establishes key organizational partnerships.
• Perform other related duties as assigned. 

Education and Experience
• Bachelor’s Degree or equivalent experience in Information Technology and Security Operations. Minimum fours (4) year's experience in various IT roles, and proven and experience with leading a mid-size team.
• Minimum of three (3) years hands on experience administrating Linux Operating systems.
• Minimum of three (3) years hands on experience administrating Windows Operating Systems

• The candidate will have a strong background within information security and security engineering, with hands-on experience of a diverse range of security technologies that include: multivendor stateful, non-stateful, and application firewalls, HIDS, NIDS/NIPS, Wireless, NAC, SSL and IPSEC VPN’s, DLP, SIEM, PKI/Strong Authentication, database technologies, load balancing, application security - XML, Web Services and SOAP protocols, both in client and server as well as dynamic languages such as Objective-C, VBScript, JavaScript; network and web related protocols (TCP/IP, UDP, IPSEC, HTTP, HTTPS, SMTP, SNMP, ICAP, etc.); encryption technologies, mobility security, WAF, WiFi, Mobile security, DLP, Digital Certificates, Encryption and Authentication techniques, end user computing security, cloud security, network security, security monitoring and event correlations, computer forensic analysis, and OS vulnerability scanning tools and management.
• Experience in incident response, computer forensics and network forensics.
• Demonstrated understanding of the following concepts and technologies:
• Defense in depth security models and security management practices
• Cloud Security Concepts (SaaS, PaaS, IaaS), Mobile Architecture, Network and Application Security and/or Data protection
• Security architectures for a large scale SOA project that involves cross enterprise information exchange.
• SDLC process and the ability to follow the process to effectively develop and design solutions.
• Application Security Vulnerabilities such as OWASP Top 10, CWE/SANS Top 25 and remediation approaches
• Experience with enterprise technologies, authentication and authorization schemes (Active directory, LDAP, etc.)
• Technical documentation, including product documentation, technology and process best practices, and technical whitepapers.
• Relational Databases, Middleware Applications, Collaboration and Document management solutions.
• Demonstrated experience teaming with business and IT stakeholders at all levels, to deliver and sustain high caliber on projects and operations.
• Demonstrated cross-domain and cross-functional knowledge that will enable design of the best possible security technology solutions.
• Active industry certification(s) required (such as CISSP, CISA, CISM, CEH, SANS – GSEC, GCIH, etc)
• In-depth experience with IT audit/assessment/examination; SAS 70/SSAE practices; PCI, NACHA, ITIL; ISO-standards; NIST, CobiT and Industry standard application development methodologies
• Establishes and maintains strong working relationships with groups involved with information security matters such as the Legal Department, Internal Audit Department, Physical Security Department, Information Technology Department, Information Security Council, HR and all outsourced IT organization
Required Personal Characteristics:
• Ability to self-manage including planning, providing status updates and metrics
• Ability to work independently and as part of a team.
• Self-starter and self-motivating.
• Excellent problem solving, analytical, communication, organization, task and time management skills
• Capable of delivering results through a position of influence, not authority


Our client is a leading Energy organization and we are currently interviewing to fill this and other similar contract positions. Qualified candidates should apply NOW for immediate consideration. 
 
If you are interested in this position, please apply online for immediate consideration.