IT Security Director

Description

Excelerate Energy is changing the way the world accesses clean, affordable, and reliable energy. We are focused on providing flexible LNG solutions to emerging markets across the globe and delivering a lesser emitting form of energy to markets that often rely on coal as their primary energy source.

We strive to achieve sustainable results by delivering what we promise and by investing in our people, assets, and technology while promoting a culture of safety, quality, and environmental stewardship.

We believe our human capital is our most valuable asset. We hire exceptional people who thrive in a dynamic work environment.  We are committed to fostering, cultivating, and preserving a culture of safety and collaboration. Together, we can create a better future by delivering clean energy to the global communities that need it most.

JOB SUMMARY: 

Reporting to the CIO, the IT Security Director will be responsible for enhancing and maintaining a corporate-wide IT security management program to ensure that information assets are adequately protected. Primary focus for the role is on planning, coordinating, directing, and designing all IT related security activities. Priorities include continuing to enhance our enterprise security stance through policy, architecture and training processes. The IT Security Director is expected to interface with peers within the IT organization, including in the Network, Infrastructure and Applications space as well as with the leaders within business operations to both share and manage the IT security vision and to solicit their involvement in achieving higher levels of enterprise security through information sharing and cooperation. 

ESSENTIAL DUTIES AND RESPONSIBILITIES: include but are not limited to the following activities:

The IT Security Director will be responsible for managing and enhancing the overall structure and approach to IT Security across the company. They will have the ability to work closely with the CIO in building key relationships both within the company and with external support vendors, ensuring a focused support approach. A successful candidate will help enhance the development of core security solutions and processes to satisfy the ongoing needs of the EE business as it continues to grow globally. 

Strategy & Planning

• Evaluate, develop and enhance an information security management framework.
• Partner with business stakeholders across the company to raise awareness of risk management concerns.
• Continuous assessment, enhancement and maintenance of the company’s IT security architecture design.
• Maintain the Company’s security documents (policies, standards, baselines, guidelines and procedures).
• Create and maintain the enterprise’s Business Continuity Plan and Disaster Recovery Plan, where appropriate.

Acquisition & Deployment

• Maintain up-to-date knowledge of the IT security industry including awareness of new or revised security solutions, improved security processes and the development of new attacks and threat vectors.
• Select and acquire additional security solutions or enhancements to existing security solutions to improve overall company security.
• In conjunction with the CIO and the IT management team, oversee the deployment, integration, and initial configuration of all new security solutions and of any enhancements to existing security solutions in accordance with standard best operating procedures.

Operational Management

• Work with IT Management & Auditors to coordinate and conduct security audits, risk assessment & analysis.
• Ensure the confidentiality, integrity and availability of the data residing on or transmitted to/from/through enterprise workstations, servers and other systems and in databases and other data repositories.
• Ensure the enforcement of enterprise security documents.
• Execute all investigations into problematic activity and provide on-going communication with senior management.
• Research attempted security breaches and rectify security weaknesses.
• Execute the design and execution of vulnerability assessments, penetration tests and security audits.
• Perform regular security awareness training for all employees to ensure consistently high levels of compliance with enterprise security documents.
• Engage in ongoing communications with peers in the Systems and Networking groups as well as the various business groups to ensure enterprise wide understanding of security goals, to solicit feedback and to foster co-operation.

PHYSICAL DEMANDS: The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.  While performing the duties of this Job, the employee is regularly required to talk or hear. The employee is frequently required to sit. The employee is occasionally required to stand; walk and reach with hands and arms. The employee must occasionally lift and/or move up to 25 pounds. Specific vision abilities required by this job include close vision, distance vision, color vision, peripheral vision, depth perception and ability to adjust focus.   

WORK ENVIRONMENT:

The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job. 

The noise level in the work environment is usually moderate.

WORK AUTHORIZATION: Candidates must be eligible to work in the United States without sponsorship. Sponsorship for this role is not being offered at this time. 

AFFIRMATIVE ACTION/EEO STATEMENT:

It is the policy of Excelerate Energy to provide equal employment opportunities without regard to race, color, religion, sex, national origin, age, disability, marital status, veteran status, sexual orientation, genetic information, or any other protected characteristic under applicable law.

Requirements

• College Diploma or university degree in the field of computer science.
• Minimum of eight (8) years of experience working in IT Security.
• Master’s degree in related field; not required but preferred.
• Communicating effectively with other team members and supervisor.
• Experience in the most current technologies and products used in the industry.
• Strong organizational, critical thinking and customer service skills.
• Good Excel and database skills.
• One or more of the following certifications:
• GIAC Security Essentials Certification
• GIAC Security Leadership Certification
• ISACA Certified Information Security Manager
• Microsoft Certified Systems Engineer: Security
• (ISC)2 SCCP
• (ISC)2 CISSP
• (ISC)2 ISSA
• Extensive experience in enterprise security document creation.
• Extensive experience in enterprise security architecture design.
• Experience in engaging & managing third party vendors.
• Experience in designing and delivering employee security awareness training.
• Experience in developing Business Continuity Plans and Disaster Recovery Plans.
• Strong understanding of IP, TCP/IP, and other network administration protocols.