• Coordinate with IT leaders and business partners to set the strategic direction of the enterprise IT security program, ensure integration with business systems/applications strategies, introduce evolutionary concepts, and solicit feedback to ensure alignment with the business goals.
• Develop and maintain up-to-date information security policies, procedures, and guidelines.
• Manage information security policy approval, publication, and training processes.
• Facilitate information security governance through the implementation of a hierarchical governance program across Enterprise and Business Unit (BU) IT, including managing the information security steering committee.
• Lead and manage the cybersecurity incident response process.
• Monitor the external threat environment for emerging threats & advise relevant stakeholders on the appropriate risks and courses of action.
• Coordinate the use of external resources involved in the information security program, including, but not limited to, vendor selection, negotiating contracts and fees, and managing 3rd party providers.
• Develop a metrics and reporting framework to measure the efficiency and effectiveness of the program and increase the maturity of the security program and its processes.
• Provide strategic risk guidance for IT projects, including evaluation & recommendation of technical controls, secure enterprise architecture design and life cycle management.
• Works closely with IT and Engineering organizations to ensure systems security is appropriately considered at onset of initiatives and throughout technology lifecycle.
• Coordinate & manage information security awareness training programs for all employees, contractors, and approved system users.
• Define and facilitate the information security risk assessment process, including the reporting and oversight of remediation efforts to address findings.
• Own the vulnerability management reporting process as well as coordinating with BU IT remediation of vulnerabilities.

• Bachelor's degree in Computer Science, Information Systems, Information Security or closely related field required.
• Minimum 7 years of experience in Information Security or IT Management, or related technical position.
• Prior experience in a similar capacity working for a defense contractor.
• Prior experience with industry standards implementation and governance with at least two of the following: PCI DSS, NIST 800-171, NIST 800-53, CMMC, Common Criteria, ISO27001, ISO27002
• Minimum 3 years of experience with IT audit and compliance
• Prior experience with IT vulnerability management and penetration testing.
• Prior experience with physical security and data center management.
• Relevant experience with Incident and Change management.
• Solid understanding of Microsoft operating systems.

Desired Skills and Qualifications:

• Unique skills or certifications needed to perform essential functions of the job to include one or more from the following groups: CISSP, CISM, CISA, ISP, Cloud Security related certifications
• Strong written and verbal communicator.
• Ability to work effectively in both managerial and hands on roles.

This position requires occasional travel to business sites in the US, Canada, and the UK.

• Sitting for extended periods of time
• Some repetitive motions
• Some physical effort - lifting up to 50 pounds.
• Occasional varied hours, including working at night or on weekends

#IC

#LI-DA1

#LI-Onsite

We offer medical, dental, vision, life, and disability insurance, health savings accounts, paid time off, and a 401(k) plan with a Company match.

This contractor and subcontractor shall abide by the requirements of 41 CFR 60-1.4(a), 60-741.5(a). These regulations prohibit discrimination against qualified individuals based on their status as protected veterans or individuals with disabilities and prohibit discrimination against all individuals based on their race, color, religion, sex, sexual orientation, gender identity, national origin, and for inquiring about, discussing or disclosing compensation. Moreover, these regulations require that covered prime contractors and subcontractors take affirmative action to employ and advance in employment individuals without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status.

Reasonable accommodation statement: if you need an accommodation for any part of the application process, please email careers@ultra-us-gbs.com