Job ID: 2024-1312
Type: Regular Full-Time
# of Openings: 1
Category: Information Technology
Cobb EMC
Overview
Cobb EMC has an exciting opportunity for a Director, Enterprise Security who will own enterprise cybersecurity across Cobb EMC. Through leadership, strategic thinking, and technical expertise, play a key collaborative role to safeguard the organization's digital assets, deliver on high reliability performance and availability across the network, efficient system architecture, high customer trust, and compliance with industry standard cybersecurity regulations. Assume a crucial role in developing and maintaining a strong cybersecurity posture for the organization and the execution of the operational approach across Information Technology and Operational Technology.
Drive the ongoing education and collaboration with the Divisions on making risk-informed decisions that enable the company to achieve its objectives, balance value to our Members, and reduce cybersecurity risk and cost. Implement practices that meet defined objectives and standards for security across the Information Technology, Operational Technology, Cloud and other emerging technologies environments identified on the long-range technology roadmap.
Schedule: Monday-Friday 8am-5pm *This is an in-office position*
Benefits:
Company paid Health Insurance Premiums!
Insurance is effective your first day of employment
Retirement Security Pension plan!
Automatic 7% Company paid contribution to 401k with additional matching!
To learn more about Cobb EMC visit our website at www.cobbemc.com
Responsibilities
What you will be doing:
Develop and execute an enterprise-wide security framework based on NIST, COBIT, federal laws, and state laws to mitigate risk and ensure compliance. Drive roadmaps that mitigate risk through the right balance of controls, cost and operational flexibility.
Collaborate with Technology leaders (IT & OT), business leaders and physical security to set the strategic direction of Cobb EMC’s cybersecurity program. Ensure integration with business systems/applications strategies and digital asset deployment, introduce evolutionary concepts, and solicit feedback to ensure alignment with the business goals of the company.
Manage enterprise security for success, including long range planning, forecasting, annual budget, budget reporting, resource allocation, service quality, procurement of necessary tools and technologies, and ensuring cost-effective solutions. Manage security awareness training programs for all employees, contractors, and approved system users.
Stay abreast of current cyber events and monitor the external threat environment for emerging threats and advise relevant stakeholders on the appropriate risks and courses of action.
Develop, deploy and maintain up-to-date cybersecurity policies, practices, and instructions. Ensure the appropriate approvals, buy-in, publication and training are managed for employee engagement, understanding and compliance.
Participate in cyber liability insurance program analysis, identify liability risks, and recommend mitigation measures.
Facilitate cybersecurity governance and oversight with relevant cybersecurity regulations, industry standards, and privacy laws. This includes maintaining awareness of changing regulations and proactively implementing necessary measures to meet compliance obligations.
Oversee the day-to-day operations of the cybersecurity team, including monitoring and responding to security incidents, conducting investigations, and coordinating incident response plans.
Develop and maintain robust incident response plans to effectively handle and mitigate cybersecurity incidents. Coordinate incident response teams and conduct post-incident analysis to continuously improve response capabilities.
Manage the performance of external resources involved in the cybersecurity program, internet service providers, and key vendors to ensure strong agreement and alignment of performance and service continuity.
Qualifications
Minimum Requirements:
Bachelor's degree from an accredited college/university with a major in Information Systems, Electrical Engineering, Information Security or closely related field required.
Master’s degree in science, technology or equivalent is a plus.
A minimum of ten years of experience in Information Security, IT Leadership, or a related technical role is required. At least five of the ten years should include serving as a security leader with exclusive responsibility for managing the security functions, concentrating on execution and delivery.
Demonstrable experience in a specified role, managing security incidents or breaches, including evaluation, mitigation, and response. Must have proven skills in identifying, evaluating, and handling threats, such as cyber threats, risks to enterprise data, and management of responses to security compromises.
Proficiency with fiber optics, Ethernet, LANs, WANs, wireless connectivity, corporate cybersecurity measures, top-tier firewalls, IDS/IPS, remote access technologies, VMWare, high-end storage solutions, data backup and archiving, Active Directory management, and Linux server clusters.
Prior experience with securing Control Systems (SCADA/DCS/PLC).
Experience with cyber security insurance programs and cyber liability risk assessment, mitigation, and claims.
SKILLS:
Must possess strong knowledge, technical skills and experience in executing the 8 domains of the CISSP framework (certification is a plus) with a proven track record of results in a security leadership role.
Prior experience with industry standards implementation and governance in the standard NIST CSF Framework with demonstrated and quantifiable results.
Must be able to act with integrity, professionalism, and confidentiality.
Excellent written and verbal communications with experience presenting to leaders, executives, and Boards.
Experienced with the ability to own and drive broad policy deployment without getting entangled in details for effective security maturity results.
CORE Values:
Put People First
Care, listen and connect. Think team, not self. Respect and value differences.
Stay Safe
No shortcuts. See the big picture, no tunnel vision. Look out for each other.
Innovate
Embrace change. Think big and bold. Be part of the solution.
Own It
Own your attitude, actions and words. Find a way. No BCD. Never stop learning.