Job Level Summary

• Manages professional employees and/or supervisors.
• Has accountability for the performance and results of a team within own area of specialty.
• Adapts plans and priorities with urgency to address resource and operational challenges.
• Decisions and problem solving are guided by policies, procedures and department plan; receives guidance from manager.
• Provides technical guidance to employees, colleagues and/or customers.

Primary Accountabilities

• Develop security strategies for existing and emerging business needs and maintain a security technology roadmap to deliver new capabilities.
• Drive the selection, architecture and design, implementation and maintenance of the Company’s security technology.
• Directs the research into emerging tools, techniques and methods for detecting and addressing evolving threats to enterprise digital assets.
• Oversees the development and implementation of cyber security and information risk management capabilities, services, that support protect enterprise digital assets in accordance with enterprise policies and standards.
• Establishes methodologies to provision users and provide identity access management duties within American Family enterprise.  Ensures the methodologies address business needs and demonstrate compliance with federal mandates and industry standards.
• Manages active monitoring of systems to identify anomalies and potential threats as they occur and takes actions to eliminate the threats.
• Manages implementation of a methodology to measure and report current and future security vulnerabilities and establishes remediation plans.
• Manages security assessments of systems and applications using penetration tests, ethical hacking tools and risk assessment/mediation methodologies to evaluate vulnerabilities.
• Establishes, communicates, and implements departmental plans, objectives, and strategies.
• Manages relationships with multiple stakeholders, understanding the business drivers and the future direction of the business.  Provides information security architecture/systems engineering and security standards consulting to the business areas.
• Manages direct reports, systems and projects to achieve department/unit goals in accordance with Company policies and practices.
• Manages the budget, including continually seeking efficiencies and cost reductions.
• Provides leadership by exhibiting influence and expertise, thus affecting the results of the area.
• Develops staff through coaching, providing performance feedback, providing effective performance assessments and establishing performance & development plans.

Additional Skills

• Experience with Identity & Access Management concepts, such as user lifecycle management (provisioning and de-provisioning), Identity Governance, Role/Attribute Based Access Control, and least-privileged access.
• Experience with Agile Practices like Scrum, Kanban, CI/CD.
• Experience with build/tooling such as Git, Stash, Jenkins, Jira, and Confluence
• Experience leading a team according to Agile software development methodologies
• Ability to lead a highly collaborative, dynamic, and cross-functional team of senior engineers and analyst
• Demonstrated experience overseeing the implementation of DevOps tools, capabilities, and methods
• Ability to complete root-cause analysis on complex issues
• Troubleshooting highly complex issues
• Strong Knowledge of Risk and Compliance initiatives including PCI, SOX, HIPAA
• Knowledge of the NIST Cyber Security Framework