Job Functions (Include):
Cybersecurity Leadership and Strategy
- Develop and execute a comprehensive cybersecurity strategy, with a focus on risk management, threat detection, and incident response.
- Oversee the implementation and management of Fortinet firewalls for network security, ensuring optimal performance in protecting internal and external assets.
- Lead the management and optimization of SentinelOne for endpoint protection, ensuring the security of devices across the organization and the rapid detection of potential threats.
- Collaborate with IT Operations to embed security across all IT initiatives and operations, ensuring proactive security measures are taken from the start.
- Work closely with development teams to integrate secure software development practices (e.g., threat modeling, secure coding, code reviews, and penetration testing) into the SDLC for in-house developed software solutions.
Data Governance and Sensitive Data Protection
- Develop and enforce a data governance framework to classify, protect, and secure sensitive data across the company’s distributed operations.
- Implement and maintain encryption and access control mechanisms to safeguard PII, financial data, and other sensitive information.
- Leverage Veeam backups and disaster recovery solutions to ensure data availability and resilience in case of cyber incidents or natural disasters.
- Coordinate with external vendors to ensure data security standards are maintained for managed services and third-party integrations.
Risk Management, Compliance, and Audits
- Conduct regular security risk assessments, vulnerability scanning, and penetration testing to identify and address potential threats.
- Ensure compliance with relevant data privacy and security regulations (e.g., GDPR, CCPA, SOC 2, ISO 27001) and guide the company through audit and certification processes.
- Develop and enforce policies to mitigate risks associated with cloud-based services, on-premise infrastructure, and remote locations.
Incident Response and Security Operations
- Lead the development and execution of an incident response plan that addresses potential data breaches, ransomware attacks, and other security incidents.
- Oversee the management and configuration of Fortinet firewalls, SentinelOne endpoint protection, and Veeam backup systems to ensure continuous data protection and rapid incident detection and recovery.
- Monitor and respond to security alerts, utilizing SentinelOne and other tools to investigate, contain, and mitigate potential threats in real time.
Security Awareness and Training
- Develop and execute a company-wide security awareness program to educate employees on the importance of data protection and best practices for securing sensitive information.
- Provide targeted training on phishing prevention, secure data handling, and threat awareness, tailored to employees at all levels of the organization.
Leadership and Career Growth
- Partner with the CIO to define and implement a roadmap for evolving the organization’s security strategy, with the goal of transitioning into a CISO role as the company’s security needs mature.
- Serve as a thought leader in the organization, guiding teams on emerging threats, industry best practices, and innovative security solutions.
- Mentor and support cross-functional teams in integrating security into their workflows and operational processes.
Qualifications
- Bachelor’s degree in Information Security, Computer Science, or a related field.
- 7+ years of experience in IT security or cybersecurity, with experience in endpoint protection, network security, and data governance.
- Hands-on experience managing Fortinet firewalls, SentinelOne, VMware servers, and Veeam backups in an enterprise environment.
- CISSP, CISM, or similar cybersecurity certifications (preferred but not required).
- Familiarity with Fortinet NSE certifications or VMware certifications is a plus.
- Strong understanding of cybersecurity frameworks (e.g., NIST, ISO 27001) and data privacy regulations (e.g., GDPR, CCPA).
- Expertise in Fortinet firewalls, SentinelOne endpoint protection, VMware server security, and Veeam backup solutions.
- Experience with E-mail protection platforms (Proofpoint, Abnormal & KnowBe4)
- Excellent problem-solving, leadership, and communication skills, with the ability to influence and collaborate across teams.
At Tecta America, we take care of our team with a solid benefits package that works for you. This includes medical, dental, and vision coverage, a 401(k) with company match, paid time off, paid holidays, and more.