Principal CyberSecurity Engineer
The Team
The Information Systems team is responsible for all of the IT Infrastructure, Information Security, and Process Standards at Vestmark. The team supports all departments at Vestmark in the development and enhancement of computer systems, corporate applications, and related business processes.
The Role
We are looking for a Principal CyberSecurity Engineer to join the team. In this role, you will serve as the main technical contact for CyberSecurity related activities and ensure that Vestmark's security posture evolves to meet the demands of the growing threat landscape. This person will be working closely with leadership and staff to identify, analyze, manage, mitigate and remediate CyberSecurity risk. You will establish a culture of CyberSecurity company-wide, ensuring mitigation tactics are collectively employed to help us reduce risk as we scale. You will work with the IT and Managed Services group to identify security related infrastructure improvements, and ensure that the Vestmark threat surface is sufficiently protected using industry best practices and
innovative solutions.
Responsibilities:
- Be an advocate for industry leading CyberSecurity practices and influence the operational teams to achieve CyberSecurity excellence
- Oversee both our data center and corporate infrastructure design and implementation from a CyberSecurity perspective, and provide input and guidance to those implementing change and improvement efforts
- Responsible for identifying, developing and managing compliance with key security controls
- Help build and mentor the Information Systems team in the development and management of key security controls
- Oversee all security policies/documents and ensure they are properly evolving, reviewed, and updated accordingly on an annual basis
- Develop company-wide training programs to communicate information security risks (both physical and cyber)
- Oversee the internal CyberSecurity audit process, defining key areas of CybersSecurity that require audit to ensure our defenses remain ready
- Oversee the CyberSecurity Incident Response process, ensuring our Security Operations Center Response alerting and escalation process is highly functional on an on-going basis
- Regularly audit systems to ensure compliance
- Manage relationships with security and information technology vendors
- Oversee the external CyberSecurity Audit process, including coordinating our third-party SOC Audits, and coordinating all client requested audits and questionnaire responses
Minimum Qualifications (Requirements):
- 7+ years of experience in information security or similar IT role
- 3+ years leadership experience (can be concurrent with other experience)
- Ability to design and implement and ensure ongoing compliance with technical security solutions
- Experience managing solutions in various environments such as end-user, server/network, and public cloud
- Experience rolling out process improvements
- Understanding and experience with industry and regulatory standards such as PCI, SOC2, ISO27001
- Strong written and verbal communication skills
- Experience prioritizing initiatives and communicating decisions
Vestmark is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees. Vestmark prohibits employment discrimination on the basis of race, color, religion, gender identity, sex, sexual orientation, pregnancy, national origin, age, disability status, protected military or veteran status and genetic information.