The Villages
Assistant Director of Cyber Security
The Villages, The Villages, Florida, United States, 32162
Within the spirit of "Making People's Dreams Come True", this position is responsible for focusing on all aspects of security and compliance related to our business and of our clients. They will provide guidance and mentorship to a team of cybersecurity professionals, oversee day-to-day operations, and develop strategies to mitigate risks and respond to cybersecurity incidents effectively. These duties are accomplished while delivering Raving Fans customer service to both internal and external customers.
Full Time, On Site Position Competitive salary based on experience: Starting at $86,400
Benefits for full-time eligible positions: Medical (HSA/FSA), Dental, and Vision | 401K and/or ROTH | PTO & Paid Holidays | Basic Life & AD&D | The Villages Charter School eligibility | and much more!
Responsibilities:
Cyber Security Management
Coordinate and document the handling and resolution of security breach incidents, including system intrusions and abuse; act as secondary point of contact. Oversee Security & Compliance, including PCI/PII/HIPAA/GDPR, to achieve cohesive forensic analysis and incident reporting. Assist the Director of Cyber Security in conducting vulnerability assessments, risk management, host and network intrusion detection, endpoint protection technologies, firewalls, SIEM, data loss prevention, Web proxy, Web Application Firewalls, file integrity monitoring, email protection, malware analysis, cloud security, and incident response. Under minimal supervision, lead a team of Cyber Security Specialists, keeping team members focused on the ever-changing vision of Cyber Security for our companies and for the external companies we service. Develop, facilitate, and present information security awareness and security training throughout the company and for other entities we support. Maintain and document the security posture of the entities we support, with recommendations for needed changes. Participate in the development and implementation of computing information security policies and procedures; develop security guidelines and safe practices for company-wide computing and networking systems. Provide guidance to less experienced team members through technical situations. Ensure that all computers (servers and endpoints) are kept current with security updates. The Leverages team conducts the patching process with checks to ensure servers have returned to availability after updates. Ability to report on patch status.
Oversee daily operations and respond to threat indicators or incidents within the Security Operations Center (SOC) environment and tools, including but not limited to:
• Anti-virus
• Vulnerability management
• Intrusion Detection and Prevention System (IDS, IPS)
• Security Incident and Event Monitoring (SIEM)
• Data loss prevention (DLP)
• Intrusion Detection/Prevention Systems (IDS/IPS)
• Threat intelligence systems
Maintain antivirus implementations for our core companies and those of our customers. Ability to report on abnormal activity, threat hunt, and resolve infections. Includes deployments, configuration, and assignment of policies. Research detected threats and evaluate for additional Indicators of Compromise (IOCs) via malware analysis, sandboxing, VirusTotal, etc. to further investigation and mitigation. Design and implement new security technologies and evaluate/recommend changes for existing designs in compliance with security standards and best practices. Stay informed about current and emerging threats to general technology and about specific threats to The Villages or its customers through research and testing. Develop methods of proactively detecting/mitigating threats using threat intelligence, honeypots/traps, IDS, etc. Review, recommend, and implement Active Directory Group Policy security best practices. Work closely with the Network division to monitor and investigate security-related issues originating from Network division tools or reviews.
Incident Response
Provide 24x7 availability for incident response, including log review, data collection, SOC tool research, and forensic capture of system information. Work with law enforcement, as required, to meet submission or reporting requirements. Communicate with legal representatives of customers when required. Assist junior team members in producing post-incident security reports detailing available information concerning the attack, possible avenues of compromise, remediation actions, and any recommendations for preventing future attacks of a similar nature. Requires use of our current ticketing system to keep track of work items, SLAs, priorities, documentation of work performed, and follow-up with our customers. Communicate with the appropriate people using the most effective medium whenever there is an issue or possible outage of service. This includes notification when an issue or outage has been resolved. All communication must be conducted in a warm, positive, friendly, professional manner while representing TSG, both at on- and off-property functions. Promptly advise the Director of Cyber Security of any issues that affect our delivery of services to our customers. All other duties as assigned.
Education & Experience Requirements:
Bachelor's degree or equivalent; and/or five (5) years of related experience and/or training; or an equivalent combination of education and experience. Desired Microsoft certifications, one of the following or equivalent: MTA, MCSE, MCSA, or MCITP. Other desirable certifications, the following or equivalent: CompTIA Security+, GIAC Security Essentials, CEH, CISSP, CISM. Ability to demonstrate and apply understanding of the following: web content filters/proxies, email security capabilities, IDS, IPS, SIEM, DNS security practices, advanced log analysis, network monitoring, network flow analysis, packet capture analysis, network proxies, firewalls, anti-virus capabilities, Linux/UNIX command line, and access control lists.