Cyber Security Director
Trimble is seeking a Cyber Security Director for our Westminster, CO office.
We are Trimble! We design, build, and maintain roads and buildings. We survey land and subdivide areas into cities. We improve crop yield in farms to feed and fuel cities. We track vehicles that transport goods from point A to B to support the economy and feed cities. We have solutions that meet the needs of the eco-system. This is the universe we live and this is what we do. We transform the way the world works.
- Architect, configure, and maintain security infrastructure for corporate and cloud environments
- Partner with Global IS team to constantly refine and improve the company's network security standards
- Establish network protocol and lead all aspects of design, implementation, and support in partnership with the Global IS team
- Lead the cloud infrastructure security standard, including security, configurations in public cloud (Azure, AWS, etc.) platforms
- Develop automated methods to remediate and mitigate network events and minimize network operational complexity
- Handle complex and detailed hands-on technical projects to establish and maintain a secure environment
- Implement and maintain network security infrastructure globally including Firewalls, DDOS mitigation, VPN and remote access
- Lead the design, build, and deployment of solutions that protect the company and its customers against advanced threats
- Research and understand emerging information security threats, vulnerabilities, detection, and remediation to secure the network environments
- Mentor a small, high-impact and multi-talented Security team
- Potential travel to support field office projects
Required Skills / Experience / Competencies:
- 12+ years of experience in information security
- 10+ years of network engineering experience, supporting large global multi-vendor enterprise infrastructure
- 5+ years of supervisory/management experience including preparing and managing a significant operating budget.
- Applicable Certifications in Information Security field
- Thorough understanding of Cyber Security technologies and offerings in the market place, as well as the processes associated with running a cyber security operation.
- Senior level understanding of all aspects of information security, including: security and risk management frameworks, vulnerability and threat management, security operations, security organization, architecture, access control, and security incident management.
- Bachelor's degree in Computer Science, or related discipline is required. Master’s degree is preferred.
- Excellent ability to influence change in corporate understanding and adoption of information security concepts.
- Excellent communications and interpersonal skills and the ability to work effectively with peers; senior executives in both IT and across business units; and internal/external business partners/clients. Ability to effectively explain complex security-related concepts and issues to non-technical and business audiences.
- Strong understanding of crisis management skills.
- Ability to manage complex projects to completion.
- Proven ability to lead and motivate others in accomplishing goals.
Nice to have's:
- Demonstrable experience in building distributed security systems and highly-available services
- Proficient in network-security concepts such as firewall, network segmentation, proxies, and IPS/IDS
- Expert knowledge in routing and switching technologies and protocols BGP, OSPF, EIGRP, VTP, VRF, STP, VLAN, vPC, HSRP, VRRP, MPLS, QoS, GRE, IP SEC, DNS, TACACS, NTP, etc.
- Knowledge of identity and access concepts and technologies to secure production and corporate access, such as SSO and SAML
- Review solution architecture and lead security solution implementations and associated configurations
- Experience running and maintaining a 24x7 Internet-facing production environment, across multiple data centers including public clouds
- Experience with Palo Alto Networks including Panorama required
- Experience using network diagnosis and packet analysis tools
- Strong verbal and written interpersonal and communication skills
- Ability to work independently and solve problems with speed and efficiency
- Ability to self-motivate and manage/prioritize tasks
Essential Duties and Responsibilities:
- Leads, directs, and has accountability for the performance and development of subordinate staff in Risk Management, Security Operations, Vulnerability and Threat Management, Cybersecurity Identity and Access Management, in accordance with corporate strategic direction. May include matrix reporting relationships.
- Establishes and directs the design, development, testing and implementation of appropriate Information Security strategies, plans, products, and other access control techniques. Also identifies emerging vulnerabilities, evaluates associated risks and threats, and provides countermeasures where necessary.
- Directs the staff in the evaluation of risks and threats, development, implementation, communication, operation, monitoring and maintenance of the information security technologies which promote a secure and uninterrupted operation of all IT systems.
- Manages the reporting, investigation, and resolution of information security incidents. Works with and consults with senior business leaders such as the Office of General Counsel on potential data breaches.
- Manages the staff overseeing Identity and Access Management. Ensures that appropriate access is provided to employees, contractors, and other parties in a timely fashion meeting strict security standard in accordance with the principles of Segregation of Duties and Least Privilege. Works closely with Human Resources and Enterprise Procurement to ensure IT aspects of new employee and contractor on-boarding are appropriately completed.
- Oversees staff supporting the Office of the General Counsel in the collection, delivery, and presentation of electronic evidence regarding litigation for and against the company. Provides services to manage the full life-cycle of electronically stored information to those ends.
- Responsible for the development and implementation of security standards, procedures and guidelines to prevent the unauthorized use, release, modification, or destruction of data across multiple platforms and environments (e.g., company-wide, distributed, client server systems, and e-applications).
- Responsible for ensuring appropriate governance over Managed Service Providers managing and maintaining information security technologies.
- Maintains contact with industry security groups, and an awareness of current vulnerabilities, threats, and risks to data privacy and information security.
- May perform additional duties associated with Cyber Security as assigned.
Trimble is proud to be an Equal Opportunity and Affirmative Action Employer and considers qualified applicants for employment without regard to race, gender, age, color, religion, national origin, marital status, disability, sexual orientation, status as a covered veteran in accordance with applicable federal, state and local laws, or any other protected factor. EOE/M/F/V/D