This cybersecurity professional acts as a compliance and risk expert for Information Security. Coordinates, designs and implements written policies, controls and appropriate tests based on risk. Also responsible for designing and implementing security processes for the protection of Integer assets. Must have strong demonstrated working knowledge of technical environment, security best practices in manufacturing and business process for a publicly-traded organization. Must be an experienced, analytical thinker with strong technical writing skills who is organized and demonstrates exemplary personal skills and business acumen.
1. Adheres to Integer Values and all safety and quality requirements.
2. Proactively protects the confidentiality, integrity and availability of information in the custody of or processed by the company.
3. Supports risk and compliance activities with regulatory requirements and other statutory regulations (SOX, DFARS, GDPR, ITAR, HIPAA, PCI, etc.)
4. Reviews and responds to security logs, alerts and reports for critical systems.
5. Secure the Integer network and data by understanding threat technologies and using tools to protect against known, emerging and zero-day threats.
6. Participates in the design, implementation and review of security metrics.
7. Responsible for day-to-day operations of technical security including, but not limited to, AV, IPS/IDS, Vulnerability Management, Patch Management, Encryption, MDM, Content Filtering, email hygiene and secure file sharing.
8. Proposes, presents and recommends cybersecurity solutions to IT Management.
9. Leads the day-to-day information security awareness, training and educational programs.
10. Participates in preparation and annual review of necessary information security policies, standards, and procedures.
11. Participates in IT security risk assessments and control design activities.
12. Maintains relationships with strategic vendors with guidance from IT Management.
13. Investigates and resolves incidents and breaches regarding the network.
14. Tests, selects, and implements commercially-available, best-of-breed security products and services.
15. Reviews technical information, requirements statements, feasibility analyses, conceptual designs and other security documents created during the systems development process.
16. Participates in security architecture design, review and planning.
17. Performs other functions as required.
- Bachelor's degree in Information Technology, or equivalent (6+ years) work experience.
- 5-7 years of experience with IT security.
- Experience in a publicly-held IT organization preferred.
- CISSP or similar security certification required.
- CISA, CISSP-ISSEP, CISSP-ISSAP, CRISC and ITIL ITSM Foundation desired.
- Solid knowledge and accompanied experience with Sarbanes-Oxley compliance, corporate security and network policies and procedures.
- Working knowledge of security framework models such as NIST, ISO 27000 series, CIS, COBIT, etc.
- Experience securing Windows platforms in a dynamic production environment.