Purpose:

• Oversee the implementation and management of effective and efficient cybersecurity platforms and services to safeguard companies' operations in the US and internationally.
• Enhance design processes, document and assess risks, and balance trade-offs between various controls, solutions, and risks.
• Support the monitoring of regulatory requirements for the USA, Trinidad & Tobago, Senegal, Mexico, and other countries within the International region, ensuring compliance requirements are understood and controls are in place to meet these requirements.

Commitment to continuous learning and self-improvement.

Delivers results, communicates openly, and embraces and quickly adapts to change.

Takes appropriate ownership.

Leadership:

• Foster a culture of ownership, empowerment, and excellence.
• Promote respect for diverse thoughts, feedback, and ideas, embracing radical openness and honesty in discussions to pursue excellence and the best solutions.
• Provide technical knowledge to internal and external stakeholders on cybersecurity controls, standards, and regulations.

Work Processes & Systems:

• Accountable for US/International cyber risk reviews and secured by design processes.
• Oversee companies project, architectural review, change management, and other work processes.
• Support the creation and maintenance of regional risk assessments for senior operations management.

Technical:

• Strong understanding of zero trust architecture design principles.
• Ability to technically assess solution designs, cybersecurity risks, and controls.
• Maintain (or commit to gaining) knowledge of:
• IAM, AAA, PKI, Encryption, MFA, TCP/IP, SIEM, IDS/IPS, EDR, proxy, Firewalls, VPNs, DLP, Windows and Linux operating systems, networking, Entra/Active Directory, scripting languages, OSI Model, monitoring, logging, PAM, SAML/OIDC, SIEM, SASE, API integrations, SDLC, Data Pipelines, AI (LLM). Note: No one person will know everything—learning and research may be required for each new project/design review.
• Prior experience in an IT operational role with experience in operating with standards and/or controls is preferred.
• Knowledge of current and emerging cybersecurity threats and attacker TTPs is a plus.
• Prior experience with NIST CIS and C2M2 is a plus.

Role Requirements:

• 3+ years of experience in cybersecurity and/or IT; IT operations experience is desirable, but prior cybersecurity experience is not required.
• A passion for quality, thoroughness, and continuous learning.
• 1+ years of experience in designing and delivering large-scale enterprise solutions.
• Strong design thinking, customer service, and analytical skills.
• Excellent communication and organizational skills, with good stakeholder management abilities.
• Proficiency in technical writing.
• Ability to understand business context and communicate risks and impacts clearly and concisely.
• Knowledge of frameworks such as NIST CIS and ISO27001 is desirable.

Qualifications:

• Bachelor’s degree in Computer Science, Cybersecurity, or a related field is desirable.
• Preferred certifications include one or more of the following: CISSP, GCDA, GPEN, ITIL, MS Azure Security Engineer, MS Security Operations Analyst, MS Identity and Access Administrator, OSCP, CCNA/CCNP, CCDE, AWS Security.