Responsible for ensuring the security of information across the enterprise. Interacts closely with customers, software developers, enterprise architects, information security, internal audit, compliance, and other key stakeholders in order to build information security strategies and programs. Contributes to enterprise-level policies and standards, lead incident response activities, and remediate security issues. Improves the ability of the organization to protect the confidentiality, availability, and integrity of the Company's and our customers' information assets. Responsible for various technologies to produce coherent technology strategies and architectures. Acts as the primary lead for implementing and configuring security tools within the Apollo Technology space. Implements the framework for security standards and compliance of Apollo’s systems, infrastructure & solutions. Provides feedback and consultation to the Security Architecture team, as well as project teams and ongoing projects and initiatives, integrating optimal security controls as appropriate and required.
• Bachelor’s degree (preferably in Computer Science, Business or related area) and/or a combination of:
o Equivalent education or training in related disciplines
o 10+ years progressive experience in Information Security related roles
o Security related certifications e.g., CISSP, CISM, CISA
• Minimum of 6 years direct and hands-on experience with network and Security components, including firewalls, intrusion detection systems, anti-malware products, e-Discovery and forensics tools and products, data encryption, VPN's, vulnerability scanners, multiple operating systems (Windows, UNIX, Linux, etc.), and directory services (Active Directory, LDAP)
• Demonstrate strong communication skills required to discuss and present complex engineering principles
• Subject Matter Expert (SME) level knowledge of security tools, trends, methodologies, and best practices for securing platforms and operating systems at the server, client, and handheld level.
• Expert knowledge of information security risks and counter-measures for Windows and Unix/Linux platforms
• Experience with risk management methodologies and frameworks
• Demonstrates the ability to create and manage Security solutions with a high degree of integration
• Strong understanding of regulatory requirements (PCI, SOX, GLBA) and how they impact information security functions
• Intimate knowledge of industry frameworks related to information security (e.g. ISO 27000, NIST, etc.)
• Demonstrated ability to work effectively in a collaborative team environment as an individual contributor.
• Ability to provide support after normal business hours, as needed.
• Resourceful, creative, innovative, results driven, and adaptable
• Open to potential travel when/if the position deems necessary