The Associate Director, IT Security Administrator is responsible for testing, developing, implementing, and maintaining the firewall(s), Internet filtering, VPN, and MFA technologies that secure the organization. The IT Security Administrator is expected to have a thorough understanding of complex IT systems and stay up to date with the latest security standards, systems and authentication protocols, as well as best practice security products.
The role leverages a high level of technical expertise in multiple disciplines within Infrastructure and Information Security such as assessing threats, Penetration Testing, Vulnerability Management, attack methodologies, forensics analysis techniques, malware analysis, and attack surface comprehension with Metasploit and Nessus. He/she will also leverage his/her knowledge of Networking, Identity and Access Management (IAM), Security Assertion Markup Language (SAML), Single Sign On (SSO) technologies, Lightweight Directory Access Protocol (LDAP) servers, Microsoft Azure, Amazon Web Services (AWS) and Databases to develop solutions and mentor other staff and teams.
The incumbent works cross-functionally with internal departments and external resources on security and system architecture-related issues.
The Associate Director, IT Security Administrator ensures adherence to relevant regulatory requirements and company Standard Operating Procedures (SOPs) as appropriate
- Define and manage firewall policies.
- Provide day to day support for all firewall infrastructure and support issues
- Monitor security log files.
- Monitor network boundaries to provide intrusion detection, identification, and internal/external IT threat analysis
- Maintain and apply changes necessary on 2-factor authentication platform and apply understanding of SAML.
- Configuring and supporting Web and URL Filtering policies, Sandboxing, Cloud Firewall, CASB and DLP.
- Build solutions with integration using Zero Trust Frameworks
- Design and monitor security for firewalls, routers, switches, operating systems, and other technologies.
- Keeps abreast of application security trends and the emerging threat landscape and actively engages with vendors, understanding architecture roadmaps, technology direction, and investment to improve security capabilities and deliver cost effective solutions.
- Reviews current system security measures and recommends and implements enhancements through change management
- Maintains security by monitoring and ensuring compliance to standards, policies, and procedures; conducting incident response analyses; developing and conducting training programs.
- Ensures all personnel have access to the IT system limited by need and role
- Establishes disaster recovery procedures
- Promptly responds to all security incidents and provides thorough post-event analyses
- Develops and produces high quality documentation for strategic security architecture vision, including blueprints, standards and frameworks that are aligned with overall business strategy.
- Performs strategy, planning, and operational excellence through continuous improvement and automation.
- Manages service levels, control effectiveness, control failure remediation, operational automation and oversight of information security team.
- Serves as the escalation point for technical issues related to information security platforms.
- Performs initial and periodic information security risk assessment/analysis, mitigation and remediation.
- Assists in the development and knowledge transfer to IT team members, as well as other enterprise groups.
- Performs other tasks and assignments as needed and specified by management.
* Minimum level of education and years of relevant work experience.
- A Bachelor's degree in Computer Science, Information Systems or other related field and a minimum of 7 years of progressively responsible leadership experience, preferably in a pharmaceutical, biotechnology or other regulated environment OR equivalent experience and/or education.
* Special knowledge or skills needed and/or licenses or certificates required.
- 7+ years of security analysis, design, and service development.
- 7+ Years supporting and managing web application firewalls, next-generation firewalls, IDS/IPS, content filtering solutions, and Network Access Control.
- 2+ years of experience with Security Assertion Markup Language (SAML) and associated Single Sign On (SSO) technologies. OKTA experience a Plus
- Strong practical knowledge of concepts such as least privilege, zero trust, encryption, SOA, network design, access control and incident containment.
- Advanced knowledge of infrastructure security assessments.
- Familiar with environmental pen testing and performing reviews of infrastructure for security vulnerabilities and threat modeling.
- Relevant experience designing, implementing, and supporting large scale solutions.
- Experience with drafting of standard, reference architecture, policies, procedures and implementation guidelines.
- Demonstrable, impeccable writing skills for technical, management, and executive audiences.
- Demonstrable communication capabilities including oral presentation and ability to present in front of executive leadership.
- Demonstrable experience coordinating multiple concurrent issues, in high?pressure situations.
- High degree of understanding with Cryptographic Services.
- Experience with cloud solution environments such as Azure and Amazon Web Service.
- One or more of the following certifications a plus: CISSP, CISM, CISA, GIAC, GPEN, PMP.
- Proficiency with Microsoft Office.
- Excellent verbal and written communication and skills.
- Ability to work independently and collaboratively, as required, in a fast-paced, matrixed, team environment consisting of internal and external team members.
- Analytical thinker with excellent problem-solving skills and the ability to adapt to changing priorities and deadlines.
- Excellent planning, organization and time management skills including the ability to support and prioritize multiple projects.
* Travel requirements
- Up to 10% travel
*Physical requirements (only note if the job requires physical capacity beyond general office work)
- Office based position