Lead IT Security Engineer in Indianapolis, IN by Bluegreen Vacations

Date Posted: 6/5/2022

Job Snapshot

Job Description

Purpose:

The Lead Information Technology Security, is responsible for managing all aspects of Bluegreen's enterprise systems, networks and data security environment, including the development, execution, and control of the company's information security management program, policies and procedures, providing management and strategic direction for the security function, and managing the Security staff.

Responsibilities:

  • Responsible for gaining an understanding of Bluegreen systems, how they are used, who is using it and where the weak points in the systems are located. Think of potential areas of exploitation and like an attacker.
  • Collaborate with developers, systems/network administrators and other stakeholders to ensure correct design, development, and implementation of applications and networks
  • Drive end-to-end architecture across cyber security product offerings and lead the execution of critical architectural priorities for IT management to develop secure products
  • Perform security assessments of third-party and internal applications and networks to define cybersecurity requirements, and evaluating processes, network design, and access controls
  • Make improvement recommendations on how to improve and strengthen the security of our systems.
  • Ensure the company is using the appropriate security systems to identify, prevent and remove cybersecurity threats.
  • Responsible for ensuring appropriate security architectural strategies, policies, procedures, and technology are in place to address information security related functions and activities throughout all business locations, in both a consistent and effective manner
  • Work with the Managed Security Service Provider to ensure security threats are prevented
  • Supports IT compliance audits and assessments, including SOX, SOC, GBLA, Security, GDPR, PCI, and Data Privacy regulations
  • Leads the design, implementation, and operation of the information security management program based on standards and best practices where applicable
  • Leads the preparation of necessary information security policies, standards, procedures and guidelines, in conjunction with IT Leadership and assist in enforcing them
  • Identify new solutions and enhancements to management to greater secure our computing environment.
  • Provide reporting and metrics to IT management on a regular basis.
  • Lead the design and operation of related compliance monitoring and improvement activities to ensure compliance both with internal security policies etc. and applicable laws and regulations
  • Offers operational direction to related Governance functions (such as Physical Security/Facilities, Risk Management, IT, HR, Legal and Compliance) plus managers throughout the organization on information security matters such as routine security activities plus emerging security risks and control technologies
  • Participate in activities relating to contingency planning, business continuity management and IT disaster recovery in conjunction with relevant functions and third parties
  • Carry out any further instruction related to information security as directed by IT management.
  • Provide periodic status reports on current projects and activities, along with completing weekly timesheets.
  • Keep the security of our systems highly adaptable due to the constant evolution and changing.
  • Work with key stakeholders in multiple engineering groups to drive near and long-term architectural decisions.
  • Inspire innovation and deliver quality at speed across offerings and platform and execute these to success through diligent planning, attention to detail, effective decision making and individual/team.

Requirements:

  • Bachelor's degree in Information Technology or related Cybersecurity discipline; equivalent combination of education and experience.
  • Knowledge in PCI DSS Compliance preferred.
  • Knowledge of Sarbanes Oxley a big plus.
  • Knowledge of the NIST and ISO security frameworks
  • Expert knowledge of security engineering tasks, techniques and tools.
  • Exceptional understanding of Web Service Security standards.
  • Knowledge of software design, software and network architecture, protocols, and standards preferred.
  • Knowledge of software/application security (auditing, authorization, vulnerability checking).
  • Exceptional understanding of infrastructure, server and network security.
  • In-depth technical knowledge of multi-level security networks and cross-domain solutions.
  • Highly desirable to hold one or more of the following certifications:
  • PCI Internal Security Assessor (ISA)
  • Certified Information Systems Security Professional (CISSP)
  • Certified Information Security Manager (CISM)
  • Certified Information Systems Auditor (CISA)
  • SANS-GIAC certifications.
  • System Security Certified Practitioner (SSCP)
  • Cisco Certified Security Professional (CCSP)
  • Certified Protection Professional (CPP)
  • CompTIA Security+
  • Strong attention to detail and excellent organization skills; independent thinking, creativity and ability to work in a team environment; strong analytical and statistical analysis skills.
  • Considerable independent judgment needed to make decisions in carrying out assignment that have significant impact on IT.
  • Strong creative thinking and analytical solving skills.
  • Able to work under pressure and tight deadlines.
  • Able to work independently and as part of a remote team.
  • Capacity for high productivity with repetitive work and an ability to handle ambiguous information
  • Strong customer service focus.
  • Flexibility and patience with handling changing customer demands.
  • Adept at building relationships with cross-functional and remote teams, at all levels of the organization, both internally and with clients.
  • Proactive; ability to anticipate problems and identify alternative solutions.

EOE Statement

Our goal is to improve the quality of work/life by providing equal employment opportunities for all candidates and team members. Bluegreen Vacations Corporation believes that diversity and inclusion is critical to our success, and we seek to recruit, develop and retain the most talented people from a broad candidate pool. We are a drug-free workplace, and if offered employment, candidate must be willing to submit to a background check/drug test. EOE/DFW

At Bluegreen Vacations, the health, safety and wellbeing of our associates, owners and guests are a top priority. We promote fresh air and good hygiene, take great care to properly clean and sanitize our facilities, and offer associate benefits such as paid vacation and sick time, and paid time off to get your COVID-19 vaccine. We are all in this together!

Other details

  • Job Family : IT Security
  • Job Function : Bonus and Merit
  • Pay Type : Salary