Information Security Advisor Senior
About the role
The Information Security Advisor Senior is responsible for the selection and delivery of strategic network security, access control, and secure transaction/messaging solutions. This role involves developing, recommending, and implementing enterprise information security policies, technical standards, guidelines, procedures, and other elements of an infrastructure necessary to support information security in compliance with established company policies, regulatory requirements, and generally accepted information security controls.
Responsibilities
- Leads system and network architecture support for information and network security technologies.
- Leads development and execution of risk assessment methodologies to fit business, regulatory, and technical environment considerations; leads the development of requirements, system architecture, and software design of security products and services; leads the development of strategies for discovery, evaluation and response to new networking attacks; develops security incident response plans and strategies.
- Provides trouble resolution and serves as point of technical escalation on complex problems.
- Creates presentations and seeks IT management approval and acceptance of significant replacements or reconfigurations of major security systems serving the Enterprise.
- Sets vendor strategy and direction.
- May be assigned to project teams for technical consultation to business partners and developers.
- Designs & engineers comprehensive access management and network security technical solutions based on business requirements and defined technology standards; works with architecture to update technology direction & strategy. Develops reports supporting strategy and direction for management.
- Develops and maintains data science models, detection analytics, and behavioral algorithms for cybersecurity use cases.
- Performs proactive threat hunting activities using large-scale enterprise telemetry, logs, and security datasets.
- Designs and implements statistical, machine learning, and predictive models to identify suspicious or malicious activity.
- Develops strategies for discovery, evaluation, and response to emerging cyber threats, insider risks, and fraud patterns.
- Capable of serving as technical merger & acquisition lead. Acts as a subject matter expert among peers, with manager and senior management.
Requirements
- Requires BS/BA in information Technology or related field of study and a minimum of 8 years experience in systems administration and security aspects of information systems, access management and network security technologies, network communications, computer networking, telecommunications, systems development and management, hardware, software, data, and people; experience with multiple technical and business disciplines required.
Preferred Skills, Capabilities, and Experiences
- Security Certifications: CISSP and other advanced technical security certifications (e.g. Information Systems Security Architecture Professional, Information Security Engineering Professional, Certification and Accreditation Professional, or equivalent certifications) strongly preferred.
- Machine learning and statistical modeling techniques preferred.
- Threat hunting and cybersecurity analytics experience preferred.
- SIEM, EDR, UEBA, and fraud analytics platforms experience preferred.
- Scripting and programming languages such as Python, SQL, R, or similar technologies preferred.
- Data visualization and dashboard development experience preferred.
- Big data technologies, automation, and cloud-based analytics platforms experience preferred.
- Anomaly detection, user/entity behavior analytics (UEBA), and predictive analytics experience preferred.
- CI/CD pipelines and automation for analytics and detection deployment experience preferred.
Pay
Competitive salary commensurate with experience.
Schedule
Requires associates to be in-office 1-2 days per week, fostering collaboration and connectivity, while providing flexibility to support productivity and work-life balance. This approach combines structured office engagement with the autonomy of virtual work, promoting a dynamic and adaptable workplace. Alternate locations may be considered if candidates reside within a commuting distance from an office.