Fort Belvoir, Virginia
Middletown, Rhode Island
San Diego, California
Los Altos Hills, California
Location: Selbyville, Delaware
Internal Number: 44749
VSP Global is comprised of five complementary businesses that combine high-quality eye care insurance, high-fashion eyewear, customized lenses, ophthalmic technology and retail solutions, with employees in over 23 countries. No matter the role, we're all focused on a singular mission: to help people see. Learn more by visiting https://vspglobal.com/cms/careers/
Act as a subject matter expert concerning complex information security technology, topics, and issues. Perform highly technical and complex, specialized duties in the areas of security management, risk management, incident management, and/or vulnerability management. Identify and direct information security programs and technology implementations to remediate or mitigate security issues.
Define, evaluate, justify and drive and information security controls and technology to ensure the protection of the organization's information assets.
Use a strategic approach to define current and future capability requirements. Prioritize and drive execution to that roadmap. Update and communicate it regularly with CISO and other high-level stakeholders.
Use extensive cyber-security background to review current security posture across all lines of business.
Conduct security project meetings to identify gaps and recommend security enhancements to ensure security requirements are integrated and implemented.
Lead Architecture, Infrastructure and Technology teams to review existing capabilities and recommend security enhancements.
Update and validate information security policies, standards and procedures to ensure they support the goals of the Information Security Program.
Support detailed risk analysis and risk assessment to identify, mitigate and control risks to infrastructure, information systems, and data.
Assist in third party evaluations to ensure that their technology environment appropriately protects shared data, that contracts have the appropriate security requirements, and that those requirements are met through regular audits and assessments.
Document and lead automation of security incident management practices to ensure all incidents are diagnosed, logged, escalated, and closed to its final resolution.
Monitor and report changes in threat dispositions, activities, tactics, capabilities, objectives, etc. as related to designated cyber operations.
Provide current intelligence support to critical internal/external stakeholders as appropriate.
Lead Threat Analysis across VSP Global Enterprise (Insurance, Retail, Health Care Provider, SaaS software solutions and Manufacturing businesses).
Identify and justify automation efforts to improve security posture without increasing cost.
Actively hunt threats using threat intelligence and knowledge of the environment.
Lead Information security technical incident response.
Monitor changes in threat landscape, identify trends for future threat analysis to ensure security controls are in place to meet threats when they arise in the VSP business environment.
Typically has the following skills or abilities:
Bachelor's Degree in Computer Science, Electrical Engineering, or related field or equivalent experience
12 years of hands-on technical information security experience in threat and vulnerability analysis, threat hunting, and/or security incident response
Minimum 4 years IT experience with a focus on systems engineering. Private and Public Cloud security experience is highly preferred
Technical Security certification like SANS GIAC-type certification(s)
Advanced knowledge of security principles and technologies
Strong verbal and written communications skills that can be applied to all levels of an organization from the CTO to a deskside technician
Proven ability to communicate using slides, documents, and spreadsheets
Ability to regularly exercise discretion and independent judgment in the performance of job duties
Data analysis as it relates to security event logging and monitoring with the ability to demonstrate effectiveness hunting in a complex environment
Certified Cyber Threat Hunting Professional (CCTHP)
SIEM/SOAR Alert/Workflow Creation
The working environment is generally favorable. Lighting and temperature are adequate, and there are no hazardous or unpleasant conditions caused by noise, dust etc.
The above information in this description has been designed to indicate the general nature and level of work performed by employees within this classification. It is not designed to contain or be interpreted as a comprehensive inventory of all duties, responsibilities and qualifications required of employees assigned to this job.
VSP Global is an equal opportunity employer and gives consideration for employment to qualified applicants without regard to age, gender, race, color, religion, sex, national origin, gender identity, sexual orientation, disability or protected veteran status. We maintain a drug-free workplace and perform pre-employment substance abuse testing.
Nearest Major Market: Chicago Job Segment: Ophthalmic, Information Security, Risk Management, Computer Science, Information Systems, Healthcare, Technology, Finance