Cybersecurity Director

JOB OVERVIEW

JOB TITLE

Cybersecurity Director

DEPARTMENT                        

Information Technology

JOB GROUP / 

P&E REQUIREMENTS

REPORTS TO

CEO

FLSA STATUS/EXEMPTION 

Exempt

MISSION OF THE POSITION

The Cybersecurity Director is responsible for ensuring the safety of information systems assets and protecting systems from intentional or inadvertent access or destruction. Subject matter expert in general or within a specialized field, solves problems which are complex in nature, requiring the application of differing techniques.  Relies on extensive experience and judgement to plan and accomplish goals with advanced coordination and control.  A wide degree of creativity and latitude is expected. Tasks and assignments tend to be highly complex, non-routine and/or require a greater level of expertise.  Receives assignments in the form of objectives with goals and process to meet goals outlined.  

ESSENTIAL DUTIES

o      Develops and implements enterprise information security architectures and solutions

o      Serves as a security expert in application development, database design, network, and/or platform (operating system) efforts, helping project teams comply with enterprise and IT security policies, industry regulations, and best practices

o      Researches, designs, and advocates new technologies, architectures, and security products that will support security requirements for the enterprise and its customers, business partners, and vendors

o      Contributes to the development and maintenance of information security strategy and architecture

o      Analyzes business impact and exposure based on emerging security threats, vulnerabilities, and risks

o      Develops and executes security controls, defenses and countermeasures to intercept and prevent internal or external attacks or attempts to infiltrate company email, data, e-commerce and web-based systems

o      Researches attempted or successful efforts to compromise systems security and designs countermeasures

o      Maintains hardware, software and network firewalls and encryption protocols

o      Administers security policies to control physical and virtual access to systems

o      Provides information to management regarding the negative impact on the business caused by theft, destruction, alteration or denial of access to information and systems.

o      Manages and partners with third party information security vendors

o      Partners and works with Government agencies, including NASA, the Department of Defense (DoD) and other relevant agencies, on information security matters

o      Communicates security risks and solutions to business partners and IT staff as needed

o      Participates in annual Information Security training/fairs

o      Attends cybersecurity events and participates in other external cybersecurity activities to maintain current in the field

o      Responds to emergencies and remediates information security incidents

o      Daily availability to include evenings and weekends when necessary to reach goals and deadlines. 

o      Protected Data & Classification of Data – The position will be responsible for knowledge of government data protection requirements such as but not limited to NIST 800-53 (moderate & high), NIST 800-171, Controlled Unclassified Information (CUI), Export controlled/ITAR regulations and subsequent execution or participating with team members in data protection strategies & implementations.

o       Project Management - Plans and coordinates all aspects of internal cybersecurity-specific projects from initiation to delivery. Coordinates work performed by cybersecurity staff and internal customers/partners by defining project requirements, performing feasibility and needs/impact assessments. Develops detailed project plans and manages all implementation processes including resource allocation, progress tracking, monitoring change control process, testing, documentation, training and on-time delivery within budget constraints.

o      Develop Cybersecurity protection roadmap & steps to implementation.

o      Daily availability to include evenings and weekends when necessary to reach goals and deadlines.

ADDITIONAL RESPONSIBILITIES

SUPERVISORY RESPONSIBILITIES

COMPETENCIES

EDUCATION

Bachelor's degree (B.S.) from four-year college or university in Cybersecurity related discipline

CERTIFICATIONS & LICENSES

Certifications preferred but not required include CISSP, CISM, etc.

Active DoD security clearance preferred

EXPERIENCE

TALENTS

•             Analytical - Collects and researches data; uses intuition and experience to complement data for mitigation plans and timely reporting with solutions. 

•             Problem Solving - Identifies and resolves problems in a timely manner; gathers and analyzes information skillfully; works well in group problem solving situations.

•             Project Management – Communicates changes and progress.

•             Technical Skills - Pursues training and development opportunities; strives to continuously build knowledge and skills.

•             Oral Communication - Speaks clearly and persuasively in positive or negative situations; listens and gets clarification; responds well to questions; participates in meetings.

•             Written Communication - Writes clearly and informatively; Edits work for spelling and grammar; Varies writing style to meet needs; Presents numerical data effectively; Able to read and interpret written information.

•             Teamwork – Gives and welcomes feedback; supports everyone’s efforts to succeed.  Builds team relations. 

•             Leadership/Managing People - Exhibits confidence in self and others; Inspires and motivates others to perform well; Effectively influences actions and opinions of others; Accepts feedback from others; Gives appropriate recognition to others.  Comes to the forefront in case of crisis, and is able to think and act in creative ways in difficult situations. Holds team accountable.      Ensures work responsibilities are covered when absent.   Takes responsibility for subordinates' activities; Makes him/herself available to staff; Provides regular performance feedback; Develops subordinates' skills and encourages growth; Fosters quality focus in others; Improves processes, products and services. Continually works to improve supervisory skills.

•             Business Acumen - Understands business implications of decisions.  

•             Ethics - Treats people with respect; works with integrity and ethically; upholds organizational values.

•             Organizational Support - Follows policies and procedures; supports organization’s goals and values.

•             Judgment - Displays willingness to make decisions; Exhibits sound and accurate judgment; Supports and explains reasoning for decisions; Includes appropriate people in decision-making process; Makes timely decisions.

•             Motivation – Demonstrates persistence and overcomes obstacles.

•             Planning/Organizing – Prioritizes and plans work activities; uses time efficiently.

•             Professionalism – Reacts well under pressure; treats others with respect and consideration regardless of their status or position; accepts responsibility for own actions.

•             Quality - Demonstrates accuracy and thoroughness; looks for ways to improve and promote quality; applies feedback to improve performance; monitors own work to ensure quality.

•             Quantity – Completes work in a timely manner; strives to increase productivity.

•             Safety and Security – Observes safety and security procedures including using Personal Protective Equipment (PPE) as required and wearing company issued badge when on company property; Reports potentially unsafe conditions; Uses equipment and material properly.

•             Adaptability - Adapts to changes in the work environment; able to deal with frequent change, delays, or unexpected events.

•             Initiative – Seeks increased responsibilities; asks for and offers help when needed.

•             Innovation – Generates suggestions for improving work.