Director of IT and Security
Annapolis Junction, MD, US
Full Time Executive-level / Director USD 183K - 230K
Description
About Us
eSimplicity is a modern digital services company that delivers innovative federal and commercial IT solutions designed to improve the health and lives of millions of Americans while defending our national interests. Our solutions and services improve healthcare for 100+ million Americans, protect our borders, and defend our country by supporting and innovating with the Air Force, Space Force, and Navy. Our team of 300+ engineers, designers and strategists relentlessly challenges the status quo, builds consensus and collaborates to deliver new solutions with an unwavering focus on the user experience from start to finish.
eSimplicity is seeking a Director of IT and Security who is responsible for leading eSimplicity’s Security strategy on Corporate and Programs while also ensuring the success of the Corporate IT Operations team's (GCC and Unclassified Environments) strategy, roadmap and operations. The Director champions and may lead the implementation of security tools and their usage, ensures tools remain compliant and properly configured, and sets program policy best practices, all while ensuring a successful program ATO across all eSimplicity programs. The Director of IT and Security provides oversight and is the subject matter expert to lower-level Security personnel. The Director of IT and Security is responsible for ensuring Corporate and IT Operation systems and procedures safeguard internal information systems, networks, databases, and Web-based assets while meeting high levels of community satisfaction.
Responsibilities:
- Leads the Corporate IT Operations and Security day-to-day vision, roadmap, and strategies.
- Leads the Security Operations Best Practices and meets with security personnel across eSimplicity programs to ensure consistent corporate-to-program security visionary leadership.
- May lead/ensure or conduct vulnerability assessments and monitors systems, networks, databases and Web-based assets for potential system breaches. Recommends and takes the lead on implementing changes to enhance security systems and prevent unauthorized access.
- Responds or leads teams that address and respond to day-to-day corporate IT activities and alerts from information technology tools. Reports, investigates, and resolves higher level security/system incidents.
- Responds or leads teams to respond to security tool outages, degradations in service, tune security rules and alerts, and setup/maintain security tool dashboards and reporting.
- Researches and strategizes on security trends, new methods, and techniques used in unauthorized access of data in order to preemptively eliminate the possibility of system breach. Ensures compliance with regulations and privacy laws.
- Educates and communicates security requirements and procedures to all users and new employees.
- Encourages and enables program strategy for continuous security practice and designs all security and privacy policies across an entire large-scale program.
- Ensures (and engages with other Security SMEs) that a continuous security training curriculum and culture is used across eSimplicity corporate and programs to elevate a security mindset across the team.
- Applies iterative security automation to all program aspects increasing overall security posture iteratively and never accepts the status quo.
- Responsible for program Security and Privacy strategies across all teams. Ensures a consistent approach and management across the program.
- Leads/Coaches our Corporate and Client facing security staff and security best practices. Leads security practices with a vision be it for business development, client facing, or corporate needs.
- Leader will mentor, coach and establish Security and Privacy best practices used across all delivery programs.
- Leader will participate in business development activities, technical challenges and contribute to technical business development responses.
- Advances automation and AI to bring efficiencies to all areas of responsibility and throughout their organization.
Requirements
Required Qualifications:
- A bachelor's degree in computer science, Information Systems, Engineering, Business, or other related scientific or technical discipline. With ten years of general information technology experience and at least four years of specialized experience, a degree is not required.
- Expert in setting program level security strategy (Privacy and Security Policies)
- Technical conceptual knowledge of cloud architectures/services (AWS, Microsoft & Google), Datacentric systems, Application Engineering, DataOps, DevSecOps and MLOps
- Understands continuous automated security practices applied to a variety of technical contexts
- Understands corporate IT Operations customer support, planning and delivery.
- Expert in designing security “baked-in” to any architecture: Cloud and IaC, Applications, Web application, Data Processing, Data Centric Applications, AI/ML, CICD Pipelines; seeks automation driven designs.
- Experience with Agile methodologies
- Preferred experience with Atlassian Jira/Confluence or an equivalent project tracking and reporting tool
- Experience with Security Information and Event Management (SIEM) systems.
- Demonstrated work experience and conceptual expertise with the following: computer networking, cryptography, security engineering and architecture patterns, vulnerability assessments, or operating systems required.
- Broad experience using cloud services, Linux systems, and Development/Data engineering core tools: GitHub, GitHub Actions, Security Tools, etc.
- Demonstrated working knowledge of vulnerability assessment and penetration testing tools.
- Understands how to assess vulnerabilities and provide recommendations regardless of first-hand knowledge of the application or system.
- Proven ability to work effectively both independently and/or in a team setting.
- Ability to communicate technical information to a non-technical audience.
- Must possess strong analytical and problem-solving abilities; and strong critical thinking skills in complex communication environments.
- Strong attention to detail. Required to manage and follow through on multiple independent tasks and dependencies across intra/inter-project teams.
- Excellent organizational and time-management skills in a fast-paced environment. Able to effectively manage and communicate in a sustainable manner.
- Excellent customer service skills with the ability to deal tactfully, confidently, and ethically with both internal and external customers.
- Expert in Government Agency Security Assessment Process in support of maintaining and/or establishing an ATO and the appropriate boundary.
- Experience working with US federal agencies in a security role.
- A driven security/privacy policy and engineering SME with an interest in driving their own career and corporate strategy through the business development engagement process.
- A passionate IT Operations and security and privacy leader that brings this passion to mentor staff and promotes a security mindset across all engineering roles through continuous training engagements on/off the programs.
- Proven experience establishing/ensuring a government program’s security strategy and best practices (policy, process, and technology).
- Excellent command of written and spoken English.
- Ability to obtain and maintain a Public Trust; residing in the United States
Desired Qualifications:
- Experience working in the healthcare industry or Government Agency: CMS.
- Federal Government contracting work experience
- Highly preferred industry certification such as CISSP, CEH, GIAC, etc.
Working Environment:
eSimplicity supports a remote work environment operating within the Eastern time zone so we can work with and respond to our government clients. Expected hours are 9:00 AM to 5:00 PM Eastern unless otherwise directed by your manager.
Occasional travel for training and project meetings. It is estimated to be less than 25% per year.
Benefits:
We offer highly competitive salaries and full healthcare benefits.
Equal Employment Opportunity:
eSimplicity is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, gender, age, status as a protected veteran, sexual orientation, gender identity, or status as a qualified individual with a disability.
Tags: Agile Automation AWS CEH CISSP Cloud Compliance Computer Science Confluence Cryptography DevSecOps GIAC GitHub Government agency Jira Linux Pentesting Privacy Security assessment Security strategy SIEM Strategy Vulnerabilities
Perks/benefits: Career development Health care