Skills

Leadership Critical Thinking Penetration Testing Vulnerability Assessment CI/CD DevOps Change Management Decision-making Networking Architecture Solution Architecture Application Architecture Risk Analysis power bi Critical Analysis Organization Project Management cloud platforms SDLC Analytical Thinking Embedded Systems

Job Specifications

Typical task breakdown:

- Integrate and collaborate with DT&D business partners to ensure understanding of key business strategies and challenges.

- Provide cybersecurity expertise and leadership in defining, prioritizing, and executing key initiatives that deliver cyber safe solutions and enable business strategy.

- Evaluate solutions and identify technical and process improvements that deliver alignment with secure SDLC & DevSecOps best practices and CLIENT Information Security Directives

- Assist in solution architecture development/documentation and perform architecture security reviews.

- Provide technical and process expertise associated with cyber governance, risk, and compliance activities.

- Drive the remediation of known vulnerabilities while developing and executing strategies that deliver operationally sustainable vulnerability management.

- Identify, track, and report key cyber metrics to business unit stakeholders.

- Develop/own documented strategies to address key cyber risk areas.

- Maintain current knowledge on existing security procedures, directives and technology controls including secure application architecture, threat modeling, attack and penetration testing, data classification and data handling.

- Participate in working groups and provide insights into solution development teams on leading architecture, design, and security practices.

Interaction with team:

- Working with security mgrs. within the business side as well as the CLIENT cybersecurity team.

Work environment:

5 day in office

Education & Experience Required:

- Bachelor’s degree with 10+ years experience in this capacity

- Master’s degree with 8+ years experience in this capacity.

- Ten or more years in information security or solution development/engineering

Required Technical Skills

· (Required) Experience with relevant industry standards, such as:

o EU-CRA

o ISO 27001

o NIST CSF

o NIST 800-82

o ISA 62443

o OWASP

· Experience with a wide variety of information security processes and principles, such as:

o Power BI

o Application architecture and DevOps tooling

o Connected Asset Security

o Developing and deploying services within cloud platforms

o Integration and automation of security into SDLC and CI/CD development processes

o Threat modeling & Risk analysis

o Vulnerability assessment and remediation

o Identity and Access Management standards and best practices

o Defense in depth

o Embedded systems security

o Networking concepts on-prem and cloud

o API & Web services security

Top Candidates Will Have:

· Professional information security certification (CISSP, CCSP, CSSLP, GISCP, GPEN, GWEB, etc.)

· Excellent written and verbal communications skills; demonstrated ability to communicate highly technical security concepts to non-security audiences.

· Ability to adjust to multiple demands, changing priorities, ambiguity, and rapid change, while multitasking effectively

· Ability to coordinate multiple teams in accomplishing process review and improvement.

· Demonstrated ability in project management and change management.

· Demonstrated ability to develop metrics, perform critical analysis and develop executive decision support content.

Soft Skills

(Required)

- Effectiveness Measurement: Knowledge of effective measurement techniques and ability to measure the quality and quantity of work effort for the purpose of improvement

- Planning: Tactical, Strategic: Knowledge of effective planning techniques and ability to contribute to operational (short term), tactical (1-2 years) and strategic (3-5 years) planning in support of the overall business plan.

Analytical Thinking: Knowledge of techniques and tools that promote effective analysis; ability to determine the root cause of organizational problems and - create alternative solutions that resolve these problems.

- Consulting: Knowledge of techniques, roles, and responsibilities in providing technical or business guidance to clients, both internal and external; ability to apply consulting knowledge appropriately.

- Decision Making and Critical Thinking: Knowledge of the decision-making process and associated tools and techniques; ability to accurately analyze situations and reach productive decisions based on informed judgment.

- Technical Excellence: Knowledge of a given technology and various application methods; ability to develop and provide solutions to significant technical challenges.

- Information Security Administration: Knowledge of information security administration; ability to develop and apply an organization's information security policies, standards and procedures ensuring the integrity and safety of information.

About the Company

DSM-H is a multinational Management Consulting and Software Development firm founded on the principles of Operational Excellence. We work with clients in the private, public, government and not-for-profit sectors to deliver high quality products and services that meet the demanding requirements of today's marketplace. DSM-H makes businesses successful by using our business transformation methodology which emphasizes winning through value creation, constant innovation and continuous improvement. We develop innovative strategi... Know more