Job Closed
This listing is no longer active.
Outsmart Your Disease™
Director, IT Security
Location
United States
Posted
4 days ago
Salary
0
Seniority
Lead
Job Description
Director, IT Security
ImmunityBio, Inc.
Role Description The Director of Security is responsible for designing, implementing, and leading a comprehensive physical security program for a multi-site corporate environment, with alignment and collaboration with Information Security for corporate offices and critical spaces. The primary focus is protecting employees, executives, facilities, and physical assets through robust policies, technologies, and daily operational practices, while partnering with IT to safeguard systems housed in corporate spaces. Essential Functions - Design, implement, and oversee physical security systems for offices and campuses, including access control, CCTV, intrusion detection, duress systems, and visitor management platforms. - Participate in the development and implementation of the enterprise security architecture and supporting security standards to ensure compliance with corporate policies, and relevant legislative and regulatory requirements. - Manage the day-to-day activities of the team to include the hiring and training of new team members, coaching employees and monitoring performance. - Review and determine risks within the environment and recommend security products and/or processes to assist in mitigating risks. - Monitor information systems for security incidents and vulnerabilities including the development of monitoring and visibility capabilities, report on incidents, vulnerabilities, and trends. - Respond to information system security incidents, including investigation of, countermeasures to, and recovery from computer-based attacks, unauthorized access, and policy breaches including interacting and collaborating with third-party incident responders. - Administer authentication and access controls, including provisioning, changes, and deprovisioning of user and system accounts, security/access roles, and access permissions to information assets. - Analyze trends, news and changes in threat and compliance environment with respect to organizational risk and advise management and develop and execute plans for compliance and mitigation of risk. - Perform risk and compliance self-assessments and engages and coordinates third-party risk and compliance assessments. - Perform comprehensive threat/risk assessments and business impact analysis of current system, data, application and technology environments to determine possible internal and external threats to information assets and identify security measures required to counter such threats. - Create, edit and adhere to Standard Operating Procedures (SOPs), process improvements, and standardization of templates. - Perform ad-hoc and cross-functional duties and/or projects assigned to support business needs and provide developmental opportunities. Qualifications - Bachelor’s degree in information technology or related field with 10+ years of industry related experience is required; OR High School Diploma with 14+ years of industry related experience is required. - 10+ years of experience with computer hardware for storage, desktops, and servers is required. - 10+ years of experience with Routers, Firewalls, Switches, DNS, and DHCP is required. - 10+ years of experience with access control systems, CCTV including installation, configuration, and best practices are required. Knowledge, Skills, & Abilities - Knowledge of data analysis, correlation, anomaly detection, and threat hunting (red, purple, blue team). - Strong knowledge of security best practices. - Deep understanding of information security best practices. - Knowledge of basic computer hardware for both desktops and servers. - Knowledge of Palo Alto or Cisco firewall technologies. - Knowledge of Routers, Firewalls, Switches, DNS, and DHCP. - Strong understanding of TCP/IP, subnetting, routing, access control lists, firewalls, Site-to-Site and Client VPN, NAT and network traffic analysis, and edge configurations. - Strong Knowledge of routing protocols such as OSPF, BGP and static routes. - Ability to work in a dynamic and demanding environment and make decisions quickly. Working Environment / Physical Environment - The position will work onsite or remote based on the candidate’s geographic location. - Regular work schedule is Monday – Friday, within standard business hours. Flexibility is available with manager approval. - Must possess mobility to work in a standard office setting and to use standard office equipment, including a computer. - Lift and carry materials weighing up to 20 pounds. Benefits - Medical, Dental and Vision Plan Options. - Health and Financial Wellness Programs. - Employer Assistance Program (EAP). - Company Paid and Voluntary Life/AD&D, Short-Term and Long-Term Disability. - Healthcare and Dependent Care Flexible Spending Accounts. - 401(k) Retirement Plan with Company Match. - 529 Education Savings Program. - Voluntary Legal Services, Identity Theft Protection, Pet Insurance and Employee Discounts, Rewards and Perks. - Paid Time Off (PTO) includes: 11 Holidays. - Exempt Employees are eligible for Unlimited PTO. - Non-Exempt Employees are eligible for 10 Vacation Days, 56 Hours of Health Pay, 2 Personal Days and 1 Cultural Day.
Related Guides
Related Categories
Related Job Pages
More Security Engineer Jobs
• Lead large-scale development projects, initiatives and activities in your specialty area • Advise clients and partners to help position, plan, develop, select solutions for, execute and monitor projects and initiatives • Develop and update policies, standards, models, methodologies, tools and programs • Conduct strategic monitoring in your area of expertise to identify emerging security issues • Analyze, map and explain threats to guide test activities • Represent your unit before decision-making bodies • Represent Desjardins when making agreements with external partners and organizations
Role Description The Information Security Engineer will be responsible for the security of the organization’s Azure and Office 365 services, network, and endpoints. The Information Security Engineer will also support and execute on project tasks and deliverables in support of the organization’s information security roadmap/strategy. - Ensure the organization’s cloud infrastructure and data is secure and protected by implementing appropriate security controls in Azure and Office 365 based upon industry best practices. - Monitor the M365 and Azure Security Score, follow and implement Microsoft’s recommendations and deviate where necessary to continue to strengthen the organization's security posture in Azure and Office 365. - Lead efforts in remediating vulnerabilities and identifying gaps or security deficiencies on all network and endpoint devices using vulnerability management tools and risk assessments. - Manage and maintain Privileged Access Management (PAM) system. - Perform risk assessments and reviews for onboarding practices, third-party vendors, and self-assessments for the organization. - Assist in updating and executing the security awareness program. - Keep abreast of security trends and threats and ensure that the organization’s security practices are updated and aligned. - Serve as the lead and point of contact for all security related events and breaches, coordinating efforts across all technology teams. - Proactively search, detect, and respond to security events and incidents utilizing EDR and SIEM security monitoring tools. - Act as the SME for the organization’s security tools and applications including the evaluation, implementation, and maintenance of such tools. - Support a variety of security initiatives and projects that align with the organization’s information security roadmap. - Other duties as assigned. Qualifications - Expert knowledge and proven experience with cloud and cyber security principles, technologies, and best practices. - Experience with leading and responding to security incidents and events. - Demonstrates professionalism, confidentiality, and diplomacy and can serve a wide range of employees with equity and tact. - Thorough knowledge and understanding of security functions within Azure and Office 365 services. - Thorough knowledge and understanding of network and endpoint security. - Ability to work independently with minimal supervision. - Excellent customer service skills. - Effective verbal and written communication skills. - Ability to establish and maintain effective working relationships with a diverse group of people at all levels of the organization. - Commitment to excellence and high standards. - Detail oriented with strong follow-up initiative. - Versatility, flexibility, and a willingness to work within constantly changing priorities with enthusiasm. Requirements - Bachelor’s degree in cyber security, information technology, and/or equivalent experience. - 3-5 years of experience working as a cyber security analyst or engineer. - ITIL Foundations Certification or willingness to obtain it within one year of hire date. - Knowledge and experience working in a cloud-based infrastructure. Preferred Education and Experience - Healthcare industry experience. - Azure and Office 365 support experience. - CISSP, CCSP or CompTIA Security+ certification. - Knowledge of Cybersecurity Frameworks (NIST CSF, ISO27001, HITRUST, HIPAA). - Strong knowledge and experience with the following: Azure and Office 365 security technologies (Microsoft Defender, Azure Security Center, Azure Sentinel, Microsoft Cloud App Security, Microsoft ATP), EPP and EDR solutions, Email Security and Encryption Services, Data Loss Prevention tools. Benefits - Multiple medical and prescription coverage options. - Dental and vision care plans. - Health Savings Accounts (HSAs), where applicable. - Flexible Spending Accounts (FSAs). - Voluntary critical illness, cancer, and accident insurance. - Voluntary hospital indemnity coverage. - Voluntary short-term and long-term disability insurance. - Voluntary term life insurance and AD&D (Accidental Death & Dismemberment). - 401(k) retirement savings plan. - Paid time off (PTO). - Commuter benefits. - Group auto and homeowners' insurance. Part-time Benefits - Vision. - Flexible Spending Accounts. - MetLife Auto/Vehicle & Home Insurance Discounts.
Staff Security Engineer, AI
DraftKings Inc.Defining what it means to build and deliver the most extraordinary sports & entertainment experiences.The Crown is Yours
• Set the security standards and guardrails for the AI platform. • Define the principles, reference architectures, and policy-as-code that all AI tooling at DraftKings adheres to. • Focus on specifying the environment, infrastructure, and authentication methods agents rely on. • Review and build the architecture of AI gateways and tooling. • Provide security review, sign-off, and possibly pair on implementation of these systems. • Streamline how AI services move through InfoSec review. • Reduce AI-driven security noise. • Drive remediation efforts of complex, cross-functional security issues. • Coach and raise the bar by mentoring security and platform engineers.
Technical Account Manager, SIEM / Security Analytics
AnomaliIntelligence-Driven Extended Detection and Response (XDR)
• Serve as an Anomali Platform power user; help our customers achieve success with the technology • Build strong customer relationships, especially with key customer stakeholders • Address customer’s technical requests; proactively identify and resolve issues • Provide advice, guidance, and technical know-how to ensure successful usage and adoption • Manage customer expectations while holding them accountable • Be your customer’s advocate and internal champion • Promote advocacy • Track key account metrics; communicate progress to internal and external stakeholders • Engage with the Onboarding Engineers to ensure a smooth transition • Engage with Technical Support to ensure speedy resolution of customer issues • Engage with Engineering to resolve customer reported issues • Partner with Sales to ensure an exceptional customer experience • Engage with Product Management to promote customer feature requests




