Director Cybersecurity - Infrastructure and Operations (RapidScale)

Company

Cox Communications, Inc.

Information Technology

Director, Cybersecurity

DirectorCan work remotely but need to live in the specified city, state, or region

No

Day

Compensation

Compensation includes a base salary of $142,100.00 - $236,800.00. The base salary may vary within the anticipated base pay range based on factors such as the ultimate location of the position and the selected candidate’s knowledge, skills, and abilities. Position may be eligible for additional compensation that may include an incentive program.

Reporting to the AVP/CISO RapidScale, the Senior Director, RapidScale Infrastructure Security and Security Operations leads the Infrastructure Security Team including Data Center, Identity, Network, and Endpoint Security, physical security and security operations enforcing and defining the technical controls aligning with the CCI critical controls.  This role builds strong partnerships with multiple stakeholder groups including Rapidscale leadership and technology teams, CCI Security. This role is aimed towards protecting our customer relationships and simplifying the business with the effective use of security capabilities. Key success factors include the ability to partner, influence and lead both directly and cross-functional teams throughout the organization. The leader must also successfully define and communicate security controls and obtain buy in on control enforcement across the RapidScale environment and with CB leadership.

PRIMARY RESPONSIBILITIES AND ESSENTIAL FUNCTIONS:

• Ensure alignment to CCI cybersecurity strategy and program and CCI/CEI enterprise risk management process.
• Create and maintain metrics for leadership to track key elements of security program using the CCI cybersecurity critical control framework.
• Ensure executives and other senior leaders across Rapidscale understand their role in security risk mitigation and control enforcement.
• Partners closely with CCI for security control  development, implementation of security technology and the ongoing operations and monitoring of security infrastructure through the Rapidscale Cybersecurity team and the shared CCI capabilities. .
• Contribute suite of RapidScale policies and procedures required for security enforcement in alignment with the CCI/CEI policies and procedures.
• Lead ad hoc security projects and continuous improvement initiatives.
• Participate in incident response activities including oversight of any notification requirements to ensure Legal, Security, and Public Affairs approval.
• Contribute to the compliance audit program through partnership with the Rapidscale GRC team for all compliance standards, including:
  • RapidScale – SOC 1, SOC 2, HITRUST, PCI, ISO 27001, GDPR and HIPAA
• Work with Stakeholders on all remediation efforts from audits, risk assessment, or other internal/external findings.
• Lead and coordinate large-scale information security projects, including implementation and delivery of infrastructure security scanning, correlating overall cybersecurity analytics and reporting, workflow and orchestration solutions, and log ingestion. 
• Identify, propose, and influence business solutions, negotiate deliverables and requirements across multiple business customers or organizations.
• Partner with other functional groups to develop, manage, track, and analyze operational support structures, tools, methods and procedures to improve process efficacy, inter-team communications, and the customer experience.
• Provide leadership and strategic direction for the function, including budgeting capital and operating expenses.
• Oversee and lead contract negotiations and vendor management across Cybersecurity infrastructure, operations , continuous control monitoring, and other security capabilities as appropriate.
• Responsible for staying abreast of industry leading cybersecurity informing on their product roadmaps.
• Consult with senior leadership on security threats and incident response practices. 
• Working knowledge/experience of network systems, security principles, and applications. Fundamental understanding of defense-in-depth and intelligence-driven strategies.
• Detailed knowledge of vulnerability management, configuration management, software security, red team concepts, tools and trends.
• Work with compliance and training organizations to develop appropriate training to ensure understanding and operationalization of the critical cybersecurity controls within RapidScale.
• Hire, train, motivate, guide, grow and develop direct reports and employees.
• Ensure a participative/engaged work environment that will attract and maintain a workforce of talented and satisfied employees.
• Educate and negotiate with business leadership and management and to ensure successful development, deployment, and ROI on security solutions.
• Represent the business in key industry groups as needed.
• Travel up to 30%, as needed.
• Performs other related duties as assigned.

QUALIFICATIONS AND EXPERIENCE:

Minimum

• BA/BS degree in a related discipline (i.e. Information Technology, Cybersecurity, etc.) with 10+ years of relevant experience . The right candidate could also have a different combination, such as a master's degree and 8 years’ experience; a Ph.D. and 5 years’ experience in a related field; or 14 years’ experience in a related field •
• 5+ years’ experience in a management or leadership role
• Certified Information Systems Security Professional (CISSP), and/or a Certified Information Systems Manager (CISM), and/or Industry relevant technical certifications.
• 10 or more years direct management responsibility overseeing technology, IT or Security teams and professionals in a dynamic, high-growth, fast pace, changing environment. 
• Knowledge and experience in security compliance programs and relevant security frameworks – Payment Card Industry compliance, NIST, privacy laws including CCPA, GDPR and related state and federal programs and legislation.
• Proven experience with corporate security, compliance, and audit programs.
• Ability to make strategic decisions, supervise complex programs, manage, and educate highly skilled professionals, and manage other departments relating to Cybersecurity. 
• Ability to manage multiple complex projects while meeting all deadlines and manage leaders of teams to achieve optimal results.
• Develop strong and productive working environment with key stakeholders and collaborate closely with other Cox entities’ security teams to implement security best practices.  
• Excellent customer service skills, writing and executive presentation skills.

The Company offers eligible employees the flexibility to take as much vacation with pay as they deem consistent with their duties, the company’s needs, and its obligations; seven paid holidays throughout the calendar year; and up to 160 hours of paid wellness annually for their own wellness or that of family members. Employees are also eligible for additional paid time off in the form of bereavement leave, time off to vote, jury duty leave, volunteer time off, military leave, parental leave, and COVID-19 vaccination leave.Cox Communications is all about creating moments of real human connection; and for employees, that’s true both in the workplace and in the problems we solve for customers. From building advertising solutions to unleashing IoT technologies to creating an exceptional experience for customers in our retail locations and online, we’re creating a world that is smarter and more connected. Benefits of working at Cox may include health care insurance (medical, dental, vision), retirement planning (401(k)), and paid days off (sick leave, parental leave, flexible vacation/wellness days, and/or PTO). For more details on what benefits you may be offered, visit our benefits page. Cox is an Equal Employment Opportunity employer – All qualified applicants/employees will receive consideration for employment without regard to that individual’s age, race, color, religion or creed, national origin or ancestry, sex (including pregnancy), sexual orientation, gender, gender identity, physical or mental disability, veteran status, genetic information, ethnicity, citizenship, or any other characteristic protected by law. Cox provides reasonable accommodations when requested by a qualified applicant or employee with disability, unless such accommodations would cause an undue hardship.