Gilbane Building Company - Cleveland, OH

posted 3 months ago

Full-time - Mid Level
Cleveland, OH
Construction of Buildings

About the position

The Information Systems Security Lead at Gilbane Building Company is responsible for creating and maintaining comprehensive information security policies and procedures that comply with U.S. Federal Government industrial security programs. This role involves assessing and ensuring the implementation of new information security technologies within designated environments, establishing training programs for information security, and monitoring compliance with established frameworks as mandated by contracts, laws, regulations, or statutes. The position is critical in supporting Gilbane's commitments to compliance within the Defense Industrial Base, ensuring that the organization effectively manages its cybersecurity posture and reduces overall risk.

In this role, the Information Systems Security Lead will acquire and manage necessary resources, including leadership support and key security personnel, to achieve IT security goals. The lead will advise senior leadership on changes affecting the organization's cybersecurity posture and will be responsible for collecting and maintaining data required for system cybersecurity reporting. The position also entails ensuring that security improvement actions are evaluated and implemented, coordinating cybersecurity inspections and tests, and identifying alternative strategies to meet organizational security objectives. The lead will oversee the information security training and awareness program, participate in risk assessments, and contribute to the development of cybersecurity program plans. Additionally, the role includes preparing and maintaining plans, instructions, and standard operating procedures related to network system security operations. The Information Systems Security Lead will also provide input on cybersecurity requirements for procurement documents, manage incident responses, track audit findings, and ensure that remediation plans are in place for identified vulnerabilities.

Overall, this position is pivotal in assuring the successful implementation of security requirements and IT policies that align with the organization's mission and goals.

Responsibilities

  • Acquire and manage necessary resources to support IT security goals and reduce organizational risk.
  • Advise senior leadership on changes affecting the organization's cybersecurity posture.
  • Collect and maintain data needed for system cybersecurity reporting.
  • Ensure security improvement actions are evaluated, validated, and implemented as required.
  • Coordinate cybersecurity inspections, tests, and reviews for the network environment.
  • Identify alternative information security strategies to address organizational security objectives.
  • Manage monitoring of information security data sources to maintain situational awareness.
  • Oversee the information security training and awareness program.
  • Participate in information security risk assessments as required by the CMMC program.
  • Develop or modify computer environment cybersecurity program plans and requirements.
  • Prepare, distribute, and maintain plans and standard operating procedures for network system security operations.
  • Provide system-related input on cybersecurity requirements for procurement documents.
  • Recognize and report possible security violations as required.
  • Recommend resource allocations for cybersecurity operations.
  • Supervise protective or corrective measures during cybersecurity incidents or vulnerabilities.
  • Track audit findings and ensure appropriate mitigation actions are taken.
  • Ensure plans of action and milestones for vulnerabilities identified during assessments are in place.
  • Assure implementation and functionality of security requirements and IT policies consistent with organizational goals.
  • Support compliance activities to ensure system security configuration guidelines are followed.

Requirements

  • Bachelor's degree in computer science, information technology, cybersecurity, or related field.
  • 6-10 years of relevant experience in information security or related fields.
  • CISM, CISSP, or EC-Council equivalent or cybersecurity-related certifications desired.
  • Knowledge of computer networking concepts and protocols, and network security methodologies.
  • Knowledge of cybersecurity principles for managing risks related to information processing and transmission.
  • Knowledge of incident response and handling methodologies.
  • Knowledge of current industry methods for IT security assessment and monitoring tools.
  • Knowledge of risk management processes and server administration principles.
  • Skill in creating policies that reflect system security objectives and determining security system functionality.
  • Knowledge of applicable laws and regulations related to cybersecurity.

Nice-to-haves

  • Experience with cloud computing service models (SaaS, IaaS, PaaS).
  • Familiarity with NIST Special Publications concerning Information Security and Cybersecurity.

Benefits

  • Competitive health and welfare benefits.
  • Generous profit-sharing/401k plan.
  • Investment in employee education through Gilbane University.