Infrastructure Team Lead
This job is no longer active.
View similar jobs.
POST DATE 9/17/2016
END DATE 10/9/2016
San Diego Gas & Electric
San Diego, CA
JOB DESCRIPTIONRequisition Number:
Infrastructure Team Lead
Area of Interest:
Responsible for leading a team of highly skilled Information Security professionals in support of the threat and vulnerability management program.
* Lead a highly motivated and skilled technical team.
* Work with information technology, operational technology, and business partners to ensure timely discovery, notification, and remediation of vulnerabilities.
* Efficiently and effectively manage security assessments using both internal and contract resources.
* Provide in-depth analysis of vulnerabilities and impacts to key stakeholders.
* Manage the maintenance and development of custom tools, technology, procedures, and documentation.
* Manage the cyber threat intelligence process, including identification of intelligence requirements, collection, and dissemination of intelligence products.
* Be informed and able to provide subject matter expertise regarding current threats and high risk vulnerabilities.
* Identify potential security concerns and make risk based recommendations.
* Interface with other stakeholders including vendors, application development and technical support staff.
* Coach, teach, and mentor team members enhancing their proficiency.
* Outside of these core responsibilities, must be able to assist with technical and management administration tasks as necessary.
* Bachelor's degree or equivalent in information security, computer science, engineering , telecommunications, or related discipline.
* 5+ years of related experience in Information Security.
* Additionally, should have 4-8 years of experience in project management with thorough understanding of standard PM processes & methodologies, including relationship management, project budget management, new process implementations, manage 2 large cross-functional projects at once, vender management, including procurement & contract development.
* Security certifications such as CISSP, GIAC, CISA desirable.
* Penetration testing experience a plus.
* Strong knowledge of security assessment and vulnerability management processes and technologies.
* Expertise and experience in securing operating systems and network infrastructure.
* Expertise in securing fundamental networking protocols: DNS, HTTP, TCP, UDP, TLS, IPSEC, 802.1x, NFS.
* Understanding of risk modeling concepts and frameworks (STRIDE, DREAD, etc.).
* Understanding of common exploitation techniques and mitigations.
* Strong understanding of the attacker kill chain.
* Strong understanding of risk assessment and risk based methodologies.
* Candidate must have familiarity with regulatory requirements, such as NERC/CIP, NIST SP 800, SOX, etc.
* Strong command of English language (written and oral) at a business level is required.
* Must possess strong consulting, documentation, and presentation skills.
* Must be a self starter; ability and initiative to handle increasing responsibility over time.
* Good judgment and analytical skills, strong follow-up and organizational skills are paramount for the successful candidate.
* Strong negotiation and persuasion skills.
* Demonstrated ability to establish and maintain good working relationships with outside vendors, professional organizations, peer groups, and industry trade groups to stay current with Information Security issues and trends.
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, citizenship, disability or protected veteran status.
State / Province:
Posting End Date: