Director, Threat and Vulnerability Management

Aventiv Technologies
Published
October 15, 2020
Location
Carrollton, TX
Category
Job Type

Description

Welcome to Aventiv Technologies. Please watch this brief video to find out if this is the place you want to be!

 

https://vimeo.com/391578629/5ba31cc5e9

Job Purpose:

Reporting to the CISO, will be responsible for overseeing the Enterprise cybersecurity, assessment, remediation and secure development services.  Responsible for overseeing the development and tracking of appropriate remediation plans and delivering clear and accurate reports detailing the organizations security posture. The position works closely with the development communities partnering with teams to integrate secure coding best practices.

Responsibilities

Essential Duties

  • Work in a consultative fashion with IT organization and business unit leadership to share the vision and operational requirements to improve the security posture.
  • Deliver strategic thought-leadership for multiple information security disciplines such as, penetration testing, vulnerability management, secure application development and remediation for identified vulnerabilities.
  • Create and maintain the set of unified key performance and risk indicators aligned to stakeholder requirements.
  • Work with development teams and understand various development methodologies and frameworks in place and help augment existing secure coding practices within the development lifecycle.
  • Lead and support ongoing work with the product teams to perform security design/code reviews and vulnerability management within CI/CD environments.
  • Aid in the automation of implementing security controls within development lifecycle
  • Promote and develop vulnerability assurance initiatives work to improve existing security services, including the continuous enhancement of existing methodology material and supporting assets.
  • Work with the Security Operations teams to monitor and research industry information sources for zero-day threats and vulnerabilities that impact the organization
  • Define standardized processes, tools, and platforms for the timely and quality delivery of cybersecurity solutions in cooperation with other IT and business units.
  • Provide leadership to department heads in a fashion that supports the company’s culture, mission and values.
  • Establish cybersecurity capabilities and processes to protect company assets.
  • Maintain strict confidentiality of sensitive information.
  • Ensure that sensitive data is protected from unauthorized modification, destruction and disclosure.
  • Collaborate with external vendors to procure best cost for professional service renewals and new engagements.
  • Identify project roadblocks and work with management and team members to resolve them.
  • Work with company operating leadership to forecast and manage corporate budgets associated with SG&A, capital, maintenance/support, and hosted services.

 

Knowledge, Skills, and Abilities

  • Aptitude to think and act strategically, independently and proactively.
  • Strong verbal and written communicator that can appropriately present complex concepts to technical teams and business peers.
  • Lead the team in establishing and executing the roadmap and deliver quality results.
  • Ability to lead teams in the development, implementation, and maintenance of cybersecurity services and tools.
  • Demonstrated ability to build collaborative organizations working effectively in a cross-functional team environment.
  • Ability to work professionally with confidential information.
  • Proficient in NIST 800-53, NIST Cybersecurity Framework, and cybersecurity risk management programs.
  • Manage financial resources within targets.
  • Direct large group of highly technical professionals to maximum performance.
  • Effective vendor negotiating skills for both purchasing and maintenance contracts.

Qualifications

Minimum Qualifications

  • 7+ years’ management and strategic experience leading security teams.
  • Experience with corporate level budgeting processes.
  • Experience with Strategic Planning and Execution.
  • Computer operations, programing, and system design experience.

Preferred Qualifications

  • CISSP certified candidates strongly preferred.
  • MS and/or MBA.
  • Five plus (5+) years of background functioning in a senior leadership role, major operating group or subsidiary with accountability for cybersecurity.
  • Certification(s): CISSP, CISM, CISA, CRISC, PCIP, etc.

Physical Demands

Standing, sitting, walking, speaking, listening, bending, reaching, pushing, pulling, lifting, grasping and manipulating tools, typing, using peripheral computer tools.  May be required to lift up to 25 pounds. 

www.aventiv.com/privacy

Equal Employment Policy:

The Company’s policy is to provide equal employment opportunity to all individuals in all of its employment programs and decisions.  Securus Technologies, Inc., and its Subsidiaries will not discriminate against any associate or qualified job applicant with respect to any terms, privileges, or conditions of employment because of that person’s race, color, religion, sex, national origin, age, disability, veteran status, genetic information, sexual orientation, gender identity, or any other characteristic or status protected under local, state or federal law, ordinance or regulation.

Apply
Drop files here browse files ...

Author: