This job has expired, please see additional jobs below
Security Engineering and Planning Consulting Director
CNA Financial Corporation
Chicago, IL, United States
Job Details - this job has expired, please see similar jobs below
Description
Job Summary
The Consulting Director, Security Engineering role is a high level individual contributor role that leads the execution and management of daily Security Engineering work in coordination with CNA’s infrastructure vendor. Serves as an expert in various aspects of Security Engineering and is responsible for designing and implementing security infrastructure solutions approved by the Chief Information Security Officer (CISO) organization to support the overall business goals of CNA. The Director also manages projects (including external vendors) for end-to-end success as well as actively works with other CNA IT groups and vendors on optimal strategy, execution, management, oversight and outcomes.
Essential Duties & Responsibilities
Performs a combination of duties in accordance with departmental guidelines:
1. Contributes and provides input into the strategy of the security engineering discipline.
Researches, evaluates, designs, tests and recommends the implementation of new or improved information security infrastructure solutions, including identity & access management tools.
1. Independently engineers, designs and oversees the building of fault tolerant, automated and highly resilient security infrastructure solutions.
2. Guides and works with infrastructure vendor to create standards for monitoring tools, automate operational tasks and ensure robust reporting on overall security infrastructure status and health.
1. Participates in investigations of suspected information security misuse or in compliance reviews as requested by the CISO organization or auditors
1. Plans and develops security measures in the infrastructure area, in partnership with CNA’s infrastructure vendor and as directed by the CISO organization, to safeguard information against accidental or unauthorized modification, destruction or disclosure. Influences security measure decisions through advice and counsel.
1. Streamlines the usage of security technologies in a dynamic environment through automation and orchestration platforms, in partnership with CNA’s vendor partners while maintaining high level of security controls.
1. Works with operations team and providers during major issues and day-to-day escalations as needed.
2. Provides project leadership to large and technically difficult security engineering projects across CNA. The role will be accountable for security infrastructure design decisions and how easily the designs can be implemented.
3. Works with vendor management to help negotiate and / or provide detailed analysis to acquire favorable contractual agreements with IT vendor partners.
1. Ensures effective administration of, and compliance with, all internal CNA processes, procedures, and controls.
May perform additional duties as assigned.
Reporting Relationship
Typically reports to Assistant Vice President (AVP) or above.
Skills, Knowledge & Abilities
1. Solid experience researching and consulting with key technology suppliers and industry experts to evaluate, select, install and configure security infrastructure solutions
1. Extensive senior level knowledge of security technologies and of implementing infrastructure solutions to address compliance and security concerns
1. Excellent project management skills and ability to organize and plan effectively to meet project goals.
2. Excellent interpersonal and communication skills and the ability to work effectively with peers, vendor partners, IT management and assigned subordinates.
3. Proven experience building strong relationships both inside and outside CNA. Collaborates with teams to drive towards win-win scenarios.
4. Successful track record in Infrastructure planning and budgeting and exposure to negotiating and determining appropriate outcomes with IT vendor partners.
5. Acts with a sense of urgency and accountability while achieving quality results.
6. Acts as a thought leader in researching and presenting innovative ways to solve complex infrastructure related issues, including working with IT vendor partners with root cause analysis and appropriate outcome attainment.
7. Excellent knowledge and experience with IT Service Management concepts including all disciplines within an ITIL framework.
Education & Experience
• Bachelor’s Degree in Computer Science, Information Technology, or related work experience.
• Security Engineering background, with deep technical knowledge
• Typically a minimum of ten years in Information Technology experience utilizing security technologies — preferably in the insurance industry.
• Experience in a business-facing IT role or similar experience providing customer service for an IT service.
• Strong experience working with IT vendors and / or Managed Service Providers.
• Willingness and ability to lead and provide mentorship to other Infrastructure engineers.
• Security Engineering certifications preferred (e.g. CISSP, CISM, SANS, OSCP or similar).