Director, Cyber Defense & Threat Management (US)
Catonsville, MD 
Posted 2 days ago
Job Description
As part of a Security Team supporting a market-leading Software as a Service (SaaS) offering, the Director, Cyber Defense & Threat Management at PointClickCare will provide strong technical leadership and support for implementing, developing, and maintaining security solutions to safeguard cloud environments and corporate technology environments. The Director will act as a senior trusted security advisor and partner to corporate technology, product engineering, and cloud infrastructure teams, leveraging strong technical security acumen and proven ability to achieve consensus in a highly complex, fast-moving technology environment. This is a newly envisioned position; the Director will be responsible for developing a new integrated cyber fusion practice, including the disciplines of Cyber Threat Intelligence, Attack Surface Reduction and Vulnerability Management, and will serve as Incident Commander.

Reporting to the Vice President, Information Security (Chief Information Security Officer), the Director will own our defensive cyber operations, including management of in-house staff, contractors and 24x7x365 MSSP partners. The position is responsible for continuously enhancing tooling, monitoring, staff and outsourced relationships to monitor for and prevent security events, conduct threat intelligence/hunting activities, coordinate and lead responses to security incidents, and manage cyber security investigations.

The ideal candidate will be well versed in procedural/technical cyber security and responsible for providing strategic oversight and hands-on technical guidance to the above functions and team members. The Director will serve as Incident Commander and effectively manage multiple incidents, communicate with a cross-functional set of stakeholders, and support lessons learned, including establishing requirements for continuously strengthening detection and response controls.


As a Strategist, you will:
    • Proactively plan for cyber operations and defensive/assurance needs, including next generation security tools and automated detection, prevention and response.
    • Remain up to date with current attack methods and characteristics to identify threats and advise on prevention, mitigation and remediation.
    • Provide recommendations and input and, as needed, develop, maintain, and publish best-practice information security policies, standards and guidelines.
As an Effective Leader, you will:
    • Establish a new integrated cyber fusion practice including the disciplines of Cyber Threat Intelligence, Attack Surface Reduction and Vulnerability Management
    • Transform the team from reactive to proactive and predictive threat hunting, recommending mitigations and countermeasures
    • Act as a hands-on leader and set vision and direction for the Cyber Defense and Threat Management (CDTM) teams as they strive to achieve technical excellence and operational rigor while remaining consistently aligned with PointClickCare strategic business goals
    • Effectively guide the team and coordinate with other departments during challenging times such as incident troubleshooting, mitigation, containment and response to security incidents and recovery
    • Collaborate with Corporate Technology Services, Legal, Hosting, and Product Engineering/Service Reliability Engineering (SRE) teams to drive continued operational maturity across our cyber security processes, platforms and tools, and our overall information security and risk posture.
    • Play a lead role in identifying and reporting on areas of cyber risk resulting in situational awareness, oversight, and risk-informed recommendations to improve the security posture of PointClickCare
As an Operations Expert, you will:
    • Manage, monitor and operate infrastructure and network information security tools
    • Triage security events, coordinate incidents with Incident Management Team, Corporate Technology Services, Legal, Hosting (SaaS Operations) and Product Engineering/SRE teams and support the Incident Management process
    • Drive best-in-class operations through the development and enforcement of operational KPIs/KRIs
    • Work closely with stakeholders to ensure security tools perform reliably and service degradations are minimized
    • Work as part of a 24x7x365 team delivering real time proactive monitoring and maintenance of supported security tools and associated rules and signatures
    • Oversee internal customer service request completion to ensure timeliness and quality, including acting as an escalation point for all security requests and incidents
    • Ensure consistent development of knowledge base articles for standard support issues
    • Develop, author, and deliver process improvements for the SOC in order to maintain operational readiness for incident response
    • Manage vendor relationships and contracts to control costs and drive service excellence
Basic Qualifications:
    • Significant experience running a cyber defense program, managing a team and tooling, and delivering best in class protection and incident response
    • Strong interpersonal skills including mentoring, coaching, collaborating, and team building
    • Strong analytical, planning, and organizational skills with an ability to manage competing demands
    • Strong knowledge and understanding of business needs with the ability to establish/maintain a high level of customer trust and confidence
    • Proven experience leading cyber security teams in the areas of security engineering and/or cyber security operations, preferably in large-scale, complex technology environments
    • Proven experience working in the field of information security, technology, preferably managing a Security Operations Center
    • Excellent written and verbal communication skills. This role requires the ability to articulate complex technical concepts in a clear, concise, actionable manner through both written products and verbal communications
    • Security operations/engineering experience in cloud environments, particularly on the Azure public cloud platform
    • Experience with cybersecurity technologies including Data Loss Prevention (DLP), network operations, architecture, security, firewall, endpoint protection, security monitoring (SIEM), key and secrets management, incident response and cyber exercises
    • Experience with analysis of emerging threats and reports that describe the implications of threat(s) and opportunities to executives or senior decision-makers
    • Execution oriented and a self-motivator
    • Ability to manage multiple projects while maintaining superior results
    • Ability to work cross-functionally, individually, and to lead work among a team
Preferred Qualifications:
    • Experience with forensic techniques and toolsets; most major host operating systems and file system types; analysis of many different types of security logs; command line interfaces and scripting tools (PowerShell, grep, awk, sed, etc.); programming languages (Python, Perl, etc.); and/or data interchange formats (e.g. JSON)
    • Expert understanding of TCP/IP, networking concepts, and services such as DNS, SMTP, HTTP, HTTPS
    • A Bachelor's degree in Computer Science or military experience
    • Experience with security technologies such as AV/EDR, IDS/IPS, NGFW, UTM, FIM, SIEM, WAF, DLP solutions
    • A high level of familiarity with malicious code threats as well as common attack and penetration techniques used by adversaries
    • Ability to communicate clearly and to interact effectively at all levels of the organization, and to influence as warranted and appropriate
    • Passion and expertise in cybersecurity, with an ability to be confident, respectful, and articulate when registering dissenting or unpopular opinions
    • Experience in health care information security and familiarity with HIPAA/HITRUST
    • At least 1 professional security management certification, such as a Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or willingness to obtain within first year of employment if other qualifications are suitable
    • Familiarity with NIST Cybersecurity Framework controls, NIST 800-53, ISO 27000-1
$189,000 - $221,000 a year
At PointClickCare, base salary is one of the many components that make up our total rewards package. The US base salary range for this position is $189,000 - $221,000 + bonus or commission + equity + benefits. Our salary ranges are determined by job and level. The range displayed on each job posting reflects the target for new hire salaries for the position across all US locations. Within the range, individual compensation is determined by job-related skills and knowledge, relevant experience including professional and lived experience, and/or work location. Your recruiter can share more information about our total rewards package during the hiring process.

Audacious Inquiry is an Affirmative Action/Equal Opportunity Employer.
Audacious Inquiry is deeply committed to the principles of equity, diversity, and inclusiveness. We seek to create a pluralistic community for all team members and we are proud to be an Affirmative Action/Equal Opportunity employer. We encourage all people to apply.

 

Job Summary
Company
Start Date: As soon as possible
Employment Term and Type: Regular, Full Time
Required Education: Bachelor's Degree
Required Experience: Open