Apply on Employer Site

Oldcastle BuildingEnvelope · 12 hours ago

Director of Cyber Security

Dallas, TX

Full-time

Hybrid

Director/Executive

10+ years exp

Oldcastle Building Envelope is a leading provider of architectural glass and building products, contributing to various projects across the United States. The Director of Cyber Security is responsible for developing and implementing a comprehensive information and cyber security program, ensuring compliance with industry standards and leading incident response efforts.

Building MaterialInterior DesignManufacturing

H1B Sponsor Likely

Responsibilities

Understand and adhere to NIST, ISO, GDPR, and Data privacy policies and standards

Implement security remediations and improvements partnering with key 3rd party security partners and ensure there are no repeat security related findings from internal and external audits

Choose appropriate content for Security Awareness training programs with key partners to ensure that the program remains an engaging, relevant, and positive training solution inspiring and motivating employees to keep security at the forefront

Research the most relevant and recent content and publish monthly Cyber Security newsletters, impart training to parties/team members with high exposure, and conduct annual/bi-annual Cyber Security awareness programs

Work with other team members to ensure data center operations are world-class and conform to a secure, stable, reliable, and scalable infrastructure for the Company

Advocate for, plan, purchase, implement, manage, maintain, and review security hardware and software, and ensure IT and network infrastructure is designed according to information security best practices

Ensure robust configuration and maintenance with firewalls, patch management, and event management

Work with team members to build world-class threat detection use cases and incident validations, and provide real-time analysis of immediate threats, and triage in the event of breaches

Build world-class capabilities for a robust global incident response plan using state-of-the-art EDR and MDR and collaborate with internal and external team members for 24*7 monitoring, analysis, and alerting

Take the lead on deploying solid remediation actions with internal and external team members

Ensure information security program features are regularly assessed throughout the year (i.e., pen-testing, phishing tests, advanced email security, etc.)

Perform activities and review projects/programs which minimize the risk of data loss or breaches (i.e., user access reviews, security patch management, SSO, etc.)

Remain current on developments in the cyber-security industry including security alerts, bugs, zero-day issues, vulnerabilities, viruses, and malware, providing evaluations and recommendations depending on their potential impact to the Company

Ensure administrators and other privileged users have only the permissions they need at any given time

Monitor the activity of administrators and privileged users

Ensure access to restricted data and systems is only available to designated or authorized employees

Demonstrate a level of maturity in overall leadership, risk management and stay ahead of the curve as it relates to relevant technologies and processes that add value and protect the enterprise

Advise management of potential security risks associated with acquisitions or other major projects/programs

Develop incident reports and articulate actions effectively

Provide monthly cyber and information security metrics report-outs to senior management

Manage the information security program to analyze cyber-security information and utilize said information to enhance the overall security posture of the enterprise

Qualification

CISSP certificationInformation Security ManagementIncident ResponseSecurity ArchitectureNIST CSFVulnerability ManagementSIEMCloud SecurityAnalytical SkillsCommunication SkillsLeadership Skills

Required

Minimum of 10 years information security & Infrastructure management experience

CISSP, CISM, CCSP, or SSCP certification

Bachelor's degree in Computer Science or similar

Experienced with incident responses and collaborating with multiple constituents – forensics, legal, infrastructure, executive leadership, FBI, etc

Demonstrate knowledge of IS areas, such as authentication, encryption, logging, monitoring, vulnerability management and assessment

Demonstrated ability to integrate business needs and exceptional customer service with that of maintaining a strong security framework

Experience with direct knowledge surrounding enterprise security technologies such SIEM, SSO, Privileged Access Management systems, Next-gen firewalls, VPN, IPS/IDS, content filters, Endpoint Security systems, AV, and similar

5+ years technical management in skills including Vendor Management, Information Security, IS Program Management, and/or Security Vendor Management

Experience with managing small, focused teams (outsourced and/or off-shore)

Advanced hands-on knowledge of information security principles and practices, including any of the following: NIST CSF, security risk assessment standards, risk assessment methodologies, and vulnerability assessments

High level of knowledge configuring & troubleshooting Microsoft Windows and other Microsoft technologies, Linux, Network, and Cloud security

Excellent oral and written communication skills; ability to interact with internal and external stakeholders

Must demonstrate strong analytical, reasoning, and critical thinking skills

Ability to carry a mobile device and provide off-hour support as required

Ability to travel across all Company sites, domestically as well as international

Preferred

Formal certification in Information Security Management preferred (CISSP or equivalent)

Benefits

Industry competitive benefits at the lowest cost to the employee

PTO and holidays, including floating holidays you can choose

A pay-for-performance culture with potential for annual raises and bonuses

We will equip you with the knowledge and skills you need to succeed

Company

Oldcastle BuildingEnvelope

Oldcastle BuildingEnvelope is a manufacturer of curtain walls, architectural glass, shower enclosures, glazing hardware, and railings.

Founded in 1989

Dallas, Texas, USA

5001-10000 employees

https://www.obe.com

H1B Sponsorship

Oldcastle BuildingEnvelope has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Below presents additional info for your reference. (Data Powered by US Department of Labor)

Distribution of Different Job Fields Receiving Sponsorship

Represents job field similar to this job

Trends of Total Sponsorships

2024 (3)

2023 (2)

2021 (2)