Job Description
About Us
eSimplicity is a modern digital services company that delivers innovative federal and commercial IT solutions designed to improve the health and lives of millions of Americans while defending our national interests. Our solutions and services improve healthcare for 100+ million Americans, protect our borders, and defend our country by supporting and innovating with the Air Force, Space Force, and Navy. Our team of 300+ engineers, designers and strategists relentlessly challenges the status quo, builds consensus and collaborates to deliver new solutions with an unwavering focus on the user experience from start to finish.
eSimplicity is seeking a Director of IT and Security who is responsible for leading eSimplicity’s Security strategy on Corporate and Programs while also responsible for ensuring the success of the Corporate IT Operations team (GCC and Unclassified Environments) strategy, roadmap and operations. Champions and may lead implementing security tools, security tool usage, ensuring tools remain compliant and configured properly, setting program policy best practices all the while ensuring a successful program ATO across all eSimplicity programs. The Director of IT and Security provides oversight and is the subject matter expert to lower-level Security personnel. The Director of IT and Security is responsible for ensuring Corporate and IT Operation systems and procedures safeguard internal information systems, networks, databases, and Web-based assets while meeting high levels of community (employee).
Responsibilities:
- Leads the corporate IT Operations and Security day-to-day vision, roadmap, and strategies and encourages strong employee satisfaction with IT services.
- Leads the Security Operations Best Practices and meets with security personnel across eSimplicity programs to ensure consistent corporate-to-program security visionary leadership.
- May lead/ensure or conduct vulnerability assessments and (proactively) monitors systems, networks, databases and Web-based assets for potential system breaches. Recommends and takes the lead on implementing changes to enhance security systems and prevent unauthorized access.
- Responds or leads teams that address and respond to day-to-day corporate IT activities and alerts from information technology tools. Reports, investigates, and resolves higher level security/system incidents.
- Responds or leads teams to respond to security tool outages, degradations in service, tune security rules and alerts, and setup/maintain security tool dashboards and reporting.
- Researches and strategizes on security trends, new methods, and techniques used in unauthorized access of data in order to preemptively eliminate the possibility of system breach. Ensures compliance with regulations and privacy laws.
- Educates and communicates security requirements and procedures to all users and new employees.
- Encourages and enables program strategy for continuous security practice and designs all security and privacy policies across an entire large-scale program.
- Ensures (and engages with other Security SMEs) that a continuous security training curriculum and culture are used across eSimplicity corporate and programs to elevate a security mindset across the team.
- Applies iterative IT and security automation to all aspects of the company, increasing overall security posture and IT efficiency, and never accepts the status quo.
- Responsible for company Security and Privacy strategies, including CMMC, across all teams. Ensures a consistent approach and management across the program.
- Leads/Coaches our corporate IT and security staff and security best practices. Leads security practices with a vision be it for business development, client facing, or corporate needs.
- Leads corporate IT project planning initiatives with an emphasis on employee satisfaction.
- Leader may support business development activities, technical challenges and contribute to technical business development strategies.
- Advances automation and AI to bring efficiencies to all areas of responsibility and throughout their organization.
- Other duties as assigned.
Requirements:
Required Qualifications:
- A bachelor's degree in Computer Science, Information Systems, Engineering, Business, or other related scientific or technical discipline. With ten years of general information technology experience and at least four years of specialized experience, a degree is not required.
- Expert in strategic corporate IT and CMMC governance, planning, and security strategy (Privacy and Security Policies) within the U.S. federal civilian, defense, and national intelligence marketspaces.
- Technical conceptual knowledge of cloud architectures/services (AWS, Microsoft & Google), Datacentric systems, Application Engineering, DataOps, DevSecOps and MLOps
- Understands continuous automated IT and security practices applied to a variety of technical contexts
- Understands corporate IT Operations customer support, planning and delivery.
- Expert in designing security “baked-in” to any architecture: Cloud and IaC, Applications, Web application, Data Processing, Data Centric Applications, AI/ML, CICD Pipelines; seeks automation driven designs.
- Experience with Agile methodologies and IT project management and timely delivery
- Proven successful history of IT/Security project success with high-customer satisfaction metrics.
- Experience with Security Information and Event Management (SIEM) systems.
- Demonstrated work experience and conceptual expertise with the following: computer networking, cryptography, security engineering and architecture patterns, vulnerability assessments, or operating systems required.
- Broad experience using cloud services, Linux systems, and Development/Data engineering core tools (GitHub, GitHub Actions, Security Tools, etc.).
- Demonstrated working knowledge of vulnerability assessment and penetration testing tools.
- Understands how to assess vulnerabilities and provide recommendations regardless of first-hand knowledge of the application or system.
- Proven ability to work effectively both independently and/or in a team setting.
- Ability to communicate technical information to a non-technical audience.
- Must possess strong analytical and problem-solving abilities; and strong critical thinking skills in complex communication environments.
- Strong attention to detail. Required to manage and follow through on multiple independent tasks and dependencies across intra/inter-project teams.
- Excellent organizational and time-management skills in a fast-paced environment. Able to effectively manage and communicate in a sustainable manner.
- Excellent customer service skills with the ability to deal tactfully, confidently, and ethically with both internal and external customers.
- Expert in Government Agency Security Assessment Process in support of maintaining and/or establishing an ATO and the appropriate boundary.
- Experience working with US federal agencies (civilian, defense and/or national intelligence) in an IT and/or a security role.
- A driven security/privacy policy and engineering SME with an interest in driving their own career and corporate strategy through the business development engagement process.
- A passionate IT Operations and security and privacy leader that brings this passion to mentor staff and promotes a security mindset across all engineering roles through continuous training engagements on/off the programs.
- Excellent command of written and spoken English.
- Ability to obtain and maintain a Public Trust; residing in the United States
Desired Qualifications:
- Experience working in the healthcare industry or Government Agency: CMS.
- Federal Government contracting work experience
- Highly preferred industry certification such as CISSP, CEH, GIAC, etc.
Working Environment:
eSimplicity supports a hybrid work environment operating within the Eastern time zone so we can work with and respond to our government clients. Expected hours are 9:00 AM to 5:00 PM Eastern unless otherwise directed by your manager.
Occasional travel for training and project meetings. It is estimated to be less than 25% per year.
Benefits:
We offer highly competitive salaries and full healthcare benefits.
Equal Employment Opportunity:
eSimplicity is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, gender, age, status as a protected veteran, sexual orientation, gender identity, or status as a qualified individual with a disability.