Cyber Security Lead

HMG America LLC is the best Business Solutions focused Information Technology Company with IT consulting and services, software and web development, staff augmentation and other professional services. One of our direct clients is looking for Cyber Security Lead in Dallas, TX . Below is the detailed job description.

Role :- - Cyber Security Lead

Location: - Dallas, TX (ONSITE)

Key Responsibilities:

• Engage in and act as extension of Client IT team led by the Client IT Security Director/CISO
• Provide security thought leadership, consulting and insight into best practices to the Client IT Security team
• Work with Client IT Security on creating/reviewing/updating the Client security roadmap
• Work with Client IT Security to review and analyze business requirements and create appropriate security solutions

Knowledge and Experience

The qualified candidate will have:

• Must work well within a team environment and be results driven to achieve organizational goals
• Minimum of 15 - 20 years of relevant information technology:
  • 10 12 years demonstrated experience with IT security risk, defences and security technologies.
• Special licenses, other education, certification or professional association memberships
  • CISSP Certified Information Systems Security Professional
• Demonstrated experience in the design, development, and implementation of security information processes, procedures, controls, and solutions.
• Demonstrated adaptation to changing business needs and the ability to work in a variety of different business situations.
• Education
  • Minimum Bachelor's Degree with a desired emphasis in Computer Science, Information Technology, or Computer Engineering.
  • Post-graduate degree in Computer Science, Information Technology, or Computer Engineering; or MBA desirable.
• Proven project management skills with experience in a formalized process and the ability to successfully manage multiple projects at one time.
• Working knowledge of the CLIENT businesses and functional areas with the ability to understand and assess applicable IT security threats.

Familiarity with applicable legal and regulatory requirements, including, but not limited

• Strong leadership skills and the ability to work effectively with business managers, IT engineering and IT operations staff.
• The ability to interact with CLIENT personnel, build strong relationships at all levels and across all business units and organizations, and understand business imperatives.
• A strong understanding of the business impact of security tools, technologies and policies.
• Excellent verbal, written and interpersonal communication skills, including the ability to communicate effectively with the IT organization, project and application development teams, management and business personnel; in-depth knowledge and understanding of information risk concepts and principles as a means of relating business needs to security controls; an excellent understanding of information security concepts, protocols, industry best practices and strategies.
• Experience working with legal, audit and compliance staff is highly desired.
• Track developments and changes in the digital business and threat environments to ensure that these are adequately addressed in security strategy plans and architecture artifacts.
• Evaluate the statements of work from these providers to ensure that adequate security protections are in place. Assess the providers' audit reports (or alternative sources) for security-related deficiencies and required "user controls," and report any findings to the Director of IT Security.
• Experience managing security infrastructure such as firewalls, IPSs, WAFs, endpoint protection, SIEM and log management technology, IAM, PAM & GRC

Understanding of IT infrastructure:

• Applications
• Databases
• Operating systems (Windows, Unix and Linux)
• Hypervisors
• IP networks (WAN, LAN)
• Storage networks Backup networks and media
• SSO/MFA MS Entra ID, 1Password
• PAM, IGA, UAM, UAR
• Strong working knowledge of IT service management
• Change management
• Configuration management
• Asset management
• Incident management
• Problem management