The Director of IT Infrastructure will provide technical expertise and leadership to a group of IT professionals in maintaining, configuring, and securing the overall network infrastructure and cloud environments. He or she will be responsible for the overall operations and support of the network infrastructure, server/endpoints, wide area networks, data centers, and cloud services. This is a critical role with technical operations responsibility and accountability to deliver high network availability, security and performance to all of the company’s internal and external customers. Responsibilities also include the ongoing management and assurance of IT security, the development of security plans to ensure internal and external regulatory compliance, minimize risk, and reduce the risk of undue IT security threats and vulnerabilities. This person will work closely with other IT executives to fulfill the goal of advancing IT as a core competency.
- Bachelor's Degree in Computer Science, Engineering, Information Systems, Business or related field.
- Current information security certification such as a GIAC, CISSP, CCSP, or similar preferred.
- 10 + years' experience in IT and IS that includes: managing information security, maintaining information security operations, developing policies, procedures and guidelines in a complex environment
- 10+ years’ experience in network infrastructure solutions architecture and cloud-based network infrastructure (Azure & AWS)
- Experience in building and maintaining a multilocation highly available complex network
- Extensive hands on experience in configuring, utilizing and interpreting industry leading network, application, web, database and host vulnerability technologies and serving as the technical security subject matter expert for remediation
- Experience in the development, implementation and operation of IT Security Strategy within a complex multi supplier, multi-platform environment using security best practices
- Experience in defining and implementing security life cycle testing to conduct various security testing across network/data/application/infrastructure.
DUTIES AND RESPONSIBILITIES
- Responsible for the supervision of network engineers, network admins, vendors, auditors, and other persons tasked with maintaining information security, internal controls, and overall IT infrastructure
- Manage and support a complex integrated network of 70+ locations across the U.S.
- Responsible for maintaining high availability and ongoing improvements of 4 data centers and cloud services
- Work closely with other executives to execute strategic initiatives that follow the company’s long- range plan.
- Lead the continuous and secure operation, administration and maintenance of the corporate computing and networking infrastructure, including development of Risk Management, Identity/Access Management, Information Security and Privacy, and Disaster Recovery and Business Continuity Plans
- Support adoption of new technologies and tools, as well as recommend proven solutions and improvements to network and security operations.
- Work closely with other departments to ensure network operations are capable of handling emerging and future business requirements.
- Coordinate security related activity related to specific strategic initiatives in support of long-range goals of the enterprise or a specific business unit; serves as resource to senior management for planning and implementation of strategic initiatives
- Oversee the development and implementation of security-oriented policies, procedures, and operating practices -as well as implementation of hardening procedures for the organizations systems, network and mobile device environments.
- Define and manage continuous improvement through remediation action plans for penetration test and maturity assessment findings
- Identify risk factors and contingency plans and communicate critical risk factors to management and other stakeholders. Participate in development of enterprise risk management plan for company
- Implement comprehensive vulnerability management systems across all assets on-premises and in the cloud
- Support the continuous planning, development and implementation of a secure infrastructure designed to protect against all manner of threats to resources and data
- Interface with third parties to manage regulatory, statutory, and industry compliance requirements and evaluate third party risk as it relates to privacy and security practices
- Provide direction for the organization's information security and privacy education program
- Oversee the development and implementation of hardening procedures for the organization's systems, network, and mobile device environments
- Maintain significant knowledge of threat actors, attack methodologies and mitigation/remediation methods
- Responsible for collaborating with the digital team and IT to reduce organization risk by ensuring internal IT controls are executed and remains within compliance
- Responsible for overseeing and implementing security policies, procedures, and technologies that will continue to improve the security operations networks to better protect the organization
- Prepare department budgets and monitor expenses
- Participate in disaster recovery/business continuity activities, as needed.
- Develop and implement project plans that meet expected timelines that delivers projects on time and within cost.
- Manage vendor relationships, vendor agreements, IT support contracts and subscriptions related to the ongoing support of the network, computing systems, and cloud services
- Working knowledge of the following applications and services: AWS & Azure cloud services, SIEM, IDS/IPS, EDR, Antivirus, VMWare, Cisco Products, SANS, Avamar/Data Domain backup solution