Vice President of Infrastructure - Miramar, United States - Trinity IT Services

    Trinity IT Services
    Trinity IT Services Miramar, United States

    3 weeks ago

    Default job background
    Description

    At Trinity IT Services, we specialize in recruiting top talent for organizations across many industry verticals. With our extensive network and expertise in recruitment, we are dedicated to helping individuals like yourself find rewarding opportunities that align with your skills and career aspirations. Trinity is proud to be partnering with ARC-One Solutions for the recruitment of their full-time IT career opportunities.

    ARC-One Solutions is creating a next-generation Blood Establishment Computer Software (BECS) platform along with an extensive series of materials designed to provide their partners with robust software that is simple to implement and supports safe, efficient, and compliant regulated blood supply chain management. ARC-One Solutions was created in April 2020 through a partnership between two of the largest blood centers in the country, the American Red Cross and OneBlood. ARC-One Solutions has the privilege and responsibility to assist these organizations in fulfilling over 50% of the nation's blood supply needs. Once implemented, their software will process approximately 10 million products across 56 states and territories.

    We are currently recruiting for an Vice President of Infrastructure & Security at ARC-One Solutions. The base salary range for this position is $193,000 - $304,000 as a full-time W2 employee of ARC-One Solutions. Actual pay will be determined based upon a candidate's job-related knowledge, skills, education, experience, geographic location, and may include other job-related factors such as certification(s), professional licensure, or internal equity considerations.

    Overview

    Leads a multi-disciplined, highly technical team in development, implementation, compliance and maintenance of the organizations cloud infrastructure and information security. Responsible for managing risks related to cyber security, network security, physical security, business continuity planning, crisis management, privacy, and compliance. Focuses on the technology selection, deployment and operations that ensure the infrastructure environments support targeted levels of availability, capacity, continuity, security and follow the strategic direction.

    Responsibilities

    The list of essential functions, as outlined herein, is intended to be representative of the duties and responsibilities performed within this classification. It is not necessarily descriptive of any one position in the class. The omission of an essential function does not preclude management from assigning duties not listed herein if such functions are a logical assignment to the position.

    • Partners closely with the Executives, Product Management Team and Quality Systems Team to institute product development processes and systems which ensure rapid and successful development and deployment of BECS
    • Works closely with the leadership team to define strategic planning process, aligning the technology vision and strategy with product and business direction, customer service strategy, growth strategies
    • Oversees all aspects of the Information Security Program, including developing and implementing security standards, incidence response playbook, policies, processes, procedures and guidelines for the organization
    • Ensures and monitors security compliance within industry and government rules and regulations and provides regular reporting on current state of information security program to senior leadership as appropriate
    • Establishes metrics and a reporting framework to measure the efficiency, effectiveness, and maturity level of the program
    • Evaluates security trends, evolving threats, risks, vulnerabilities and improvement opportunities
    • Investigates all security incidents and leads the immediate response and escalation accordingly to senior leadership; proactively drives improvements in incident identification and response capabilities
    • Leads the penetration testing, incident handling/digital forensics, continuous monitoring, intrusion detection/prevention, and vulnerability management
    • Ensures the effectiveness of data backup, recovery, and business continuity capabilities
    • Engages with external auditors and vendors to ensure the organization has the certifications expected of a successful, innovative SaaS company and leads annual auditing and certification processes
    • Develops and delivers targeted security awareness and training programs for stakeholder groups
    • Stands as the primary point of contact for all customer-related security and compliance questions
    • Collaborates with the engineering and product teams to apply a "shift-left security strategy" in the software development lifecycle
    • Helps to establish Service Level Agreements and ensure adherence to these standards by monitoring metrics and reporting that information to Senior Leadership
    • Leads the planning and execution of the IT OPEX budgeting process
    • Contributes to the design, documentation and testing of Business Continuity and Disaster Recovery planning
    • Forecasts system demands and recommends upgrades, expansions and reconfigurations of the organization's cloud infrastructure
    • Leads governance and automation efforts to minimize manual work, and ensures transparency in all aspects of the IT infrastructure ecosystem
    • Performs on-call responsibilities and after-hours duties as necessary.

    EDUCATION AND/OR EXPERIENCE:

    Bachelor's degree in Information Systems, Security, Business, Engineering, Computer Science or related field from an accredited college or university; supplemented by fifteen (15) or more years of experience in secure development/application security and Cyber Security Operations, IT infrastructure management, including at least five (5) years of management or leadership experience or an equivalent combination of education, certification, training, and/or experience.

    CERTIFICATES, LICENSES, REGISTRATIONS AND DESIGNATIONS:

    CISM (Certified Information Security Manager) or CISA (Certified Information Security Auditor) or equivalence preferred, and CISSP (Certified Information Systems Security Professional) or equivalence preferred in a combination of one or more of the above listed certifications.

    KNOWLEDGE, SKILLS AND ABILITIES

    • Ability to run the information security office analyzing and applying information security, risk management, and privacy practices
    • Ability to formulate, initiate, and administer policies and procedures for effective fiscal control
    • Knowledge of AWS Well Architected Framework and Cloud application development standard methodologies
    • Knowledge of Kubernetes Microservices architecture and security control in such an environment
    • Ability to design and apply tools, techniques, and procedures to maintain the highest standards in IT security and compliance
    • Knowledge of Cybersecurity Operations in managing and interacting with multiple disciplines, including Cyber Defense, Cyber Intelligence and Analytics, Cloud Threat Management, Adversary Simulation, Detection and Response Engineering, Email Security, Endpoint Security, and Behavioral Analytic
    • Knowledge of complex systems, platform engineering, servers/storage, network and cloud operations
    • Knowledge of information security management and systems monitoring tools
    • Knowledge of IT compliance areas like PCI, DSS, SOX, and HIPPA, etc.
    • Ability to manage high-performing IT operations teams; strong executive presence, excellent analytical skills and attention to detail; effective verbal and written communication skills; and strong interpersonal skills including facilitation and negotiation