Global IT Cyber Secuirty Manager

Object Technology Solutions, Inc (OTSI) has an immediate opening for a Global IT Cyber Security Manager.

Global IT Cyber Security Manager (Hybrid Houston, TX)

Major Responsibilities:

• The Global IT Cyber Security Manager is responsible for developing, implementing, and managing a robust cybersecurity program aligned with the NIST Cybersecurity Framework and defense-in-depth methodology.
• This role ensures the protection of the client s global IT infrastructure, data, and applications through strategic security architecture, operational controls, and compliance management. The manager leads cross-functional teams to deploy and maintain advanced security technologies, including Palo Alto firewalls, Cisco networking stacks, Office 365, Azure security tools, Zscaler, and drives security awareness and compliance globally.

• Security Framework & Strategy:

• Develop and maintain cybersecurity policies and procedures based on the NIST Cybersecurity Framework to ensure comprehensive risk management and regulatory compliance.
• Implement a defense-in-depth security strategy that layers multiple security controls across the network, endpoint, application, and data layers.
• Translate business risk requirements into technical security controls and metrics for ongoing performance monitoring
• Conduct annual penetration testing in accordance with NIST guidelines to proactively identify exploitable vulnerabilities in organizational systems, networks, and applications
• Establish and maintain a continuous vulnerability management program, including periodic vulnerability scanning of systems and applications, timely identification of new vulnerabilities, and prompt remediation in line with NIST requirements.
• Network & Infrastructure Security
• Oversee the configuration, deployment, and management of Palo Alto firewalls to safeguard network perimeters and internal segments.
• Configure port security, DHCP snooping, and dynamic ARP inspection to prevent MAC flooding, rogue device access, and layer-2 attacks
• Deploy 802.1X authentication for network access control (NAC), integrating with Cisco Identity Services Engine (ISE) for dynamic policy enforcement
• Macro-Segmentation: Use VRFs and VLANs to isolate high-risk zones (e.g., IoT, guest networks) from core enterprise systems
• Micro-Segmentation: Enforce granular policies via Cisco TrustSec/Security Group Tags (SGTs), limiting east-west traffic between workloads based on identity/context
• Use NetFlow/IPFIX to baseline normal traffic patterns and detect anomalies (e.g., lateral movement, data exfiltration)
• Utilize Azure Security Center, Network Security Groups (NSG), and ExpressRoute to secure cloud infrastructure and hybrid environments.
• Conduct regular network vulnerability assessments and penetration testing to identify and remediate security gaps
• Email & Data Protection
• Implement and manage email security solutions including inbound/outbound email filtering, encryption, and anti-phishing controls.
• Deploy Data Loss Prevention (DLP) technologies to prevent unauthorized data exfiltration across email, endpoints, and cloud services.
• Manage eDiscovery processes to support legal and compliance requirements related to data retention and investigations
• Identity & Access Management
• Enforce multi-factor authentication (MFA) across all critical systems to mitigate unauthorized access risks.
• Oversee user access controls and privilege management in Office 365 and other enterprise applications.
• Integrate security awareness training programs such as KnowBe4 to educate employees on cybersecurity best practices and phishing prevention
• Audit, Compliance & Risk Management
• Lead internal and external security audits to ensure compliance with industry regulations and standards.
• Monitor adherence to cybersecurity policies and regulatory requirements, addressing any deviations or vulnerabilities.
• Collaborate with legal, compliance, and IT teams to manage cyber risk and vendor security assessments
• Team Leadership & Collaboration
• Manage and mentor cybersecurity staff, fostering continuous learning and professional development.
• Coordinate with IT operations, network, and cloud teams to implement security controls and incident response plans.
• Serve as a strategic liaison between executive leadership and technical teams to communicate security posture and initiatives.
• Project Management
• Lead and manage global cybersecurity projects from initiation through completion, ensuring alignment with business objectives, timelines, and budgets.
• Develop comprehensive project plans, define scope, allocate resources, and manage project risks and issues.
• Coordinate cross-functional teams, vendors, and stakeholders to ensure successful project delivery and implementation of security initiatives.
• Track and report project progress to executive leadership, providing clear updates on milestones, risks, and outcomes.
• Apply project management methodologies (e.g., Agile, Waterfall, or hybrid approaches) to optimize project execution and continuous improvement.

Qualifications and Experience:

• Deep knowledge of the NIST Cybersecurity Framework and defense-in-depth security principles.
• Strong project management skills required to develop business case justifications for acquiring and implementing new technologies. Strong ability to initiate and manage projects from inception to completion.
• Must have strong leadership skills to lead the cybersecurity team and collaborate with other teams to implement new technologies. Experienced at managing, developing, and leading teams.
• Strong verbal and written communication skills are necessary to successfully create policies, presentations, and global communications.
• Hands-on experience with Palo Alto firewalls and Cisco networking technologies (switching, routing).
• Expertise in Office 365 security stack, Azure Security Center, NSG, and ExpressRoute configurations.
• Proficiency in email security solutions, DLP, and eDiscovery tools.
• Strong understanding of identity and access management, including MFA implementation.
• Experience with security awareness platforms such as KnowBe4.
• Proven ability to lead audits, compliance efforts, and manage cyber risk.
• Excellent communication skills to work across global teams and stakeholders.

About us:

OTSI is a leading global technology company offering solutions, consulting, and managed services for businesses worldwide since 1999. OTSI serves clients from its 15 offices across 6 countries around the globe with a Follow-the-Sun model. Headquartered in Overland Park, Kansas, we have a strong presence in North America, Central America, and Asia-Pacific with a Global Delivery Centre based in India. These strategic locations offer our customers the competitive advantages of onshore, near shore, and offshore engagement and delivery options, with 24/7 support. OTSI works with 100+ enterprise customers, of which many are Fortune ranked, OTSI focuses on industry segments such as Banking, Financial Services & Insurance, Healthcare & Life Sciences, Energy & Utilities, Communications & Media Entertainment, Engineering & Telecom, Retail & Consumer Services, Hi-tech, Manufacturing, Engineering, transport logistics, Government, Defence & PSUs.

Our Centre of Excellence:

• Data & Analytics
• Digital Transformation
• QA & Automation
• Enterprise Applications
• Disruptive Technologies