About Us
Pegasystems, the leader in business process management and a leading provider of CRM solutions, helps organizations enhance customer loyalty, generate new business, and improve productivity. Our patented Build for Change®
technology speeds the delivery of critical business solutions by directly capturing business objectives and eliminating manual programming. Pegasystems enables clients to quickly adapt to changing business conditions in order to
outperform the competition.
IT Security Officer
IT Security Officer:
Job Purpose: This individual is responsible for leadership of Pega’s IT Security Operation and IT Risk Management function. Working in close partnership with the IT Operations and Applications teams, this individual will define and implement security programs, policies, and procedures which improve Pega’s security posture and are in alignment with industry best practices. This individual will possess deep technical domain expertise while also having strong business acumen.
Key Result Areas:
- Develop a security roadmap with clearly defined milestones and objectives which will mature Pega’s operations and reduce risk and exposure based on an established security framework such as the ISO27002 / ISO17799 Security Standard.
- Work closely with key stakeholders regarding the design and implementation of new project and service requests to develop solutions which meet those requirements while ensuring that corporate information security objectives are maintained.
- Respond to Sales and Legal inquiries regarding Pega’s security architecture. Develop a set of customer ready documents which outline our security and risk management status.
- Support our PAAS initiatives by understanding and providing consultative support for all security functions, policies and compliance programs required to ensure the integrity, availability and confidentiality of our customer’s data hosted on the Pega Cloud.
- He/she will also be responsible for managing technical assessments of the major information security subsystems in accordance with established policy and best practice guidelines, checking for compliance with the systems, policies, and procedures, and driving remediation where non-compliance exist.
- He/she will partner closely with the Chief Compliance Officer, and Internal/External Audit functions, to ensure the audit of these areas is comprehensive. Subsequently will be accountable for owning and will drive remediation of any findings.
- He/she will also be responsible for investigating, in coordination Legal and our Chief Compliance Officer, computer security incidents, and recommending corrective actions. Solid experience in computer forensics, information warfare, cybercrime, etc. is highly desirable.
- He/she will be expected to conduct ongoing assessments of the Company’s information protection measures, and create measurement tools for quantifying success of the Information Security program.
- Will oversee the IT Infrastructure Sox programs and coordinate with the process owners the execution of controls, effectiveness metrics, optimization/efficiency, and automation.
- Will oversee the IT Infrastructure Disaster Recovery programs and will coordinate the program with the individual domain stakeholders. This is a program management function as the implementation and execution of the program resides within the individual technical domains.
Functional Expertise:
- Five to seven years of IT security and operations management experience. Specific depth needed in IT Infrastructure.
- Strong technical domain expertise with IT infrastructure, networks, systems, and hosted services – preferred individual will have come up through the ranks.
- Experienced working in a large global environment (2000 employees).
- Strong project management expertise, skilled managing cross functional projects where direct authority over the resources does not exist.
- Ability to quickly assimilate knowledge of technologies and products (highly technical individual with domain expertise and credibility)
- Excellent oral and written communication skills. Skilled at drafting policies/procedures and gaining consensus through negotiation.
- Excellent customer management and negotiation skills required.
- Be knowledgable with the following standards and regulations: ISO27002 / ISO17799, OWASP, PCI Data Security Standard, – also knowledge of HIPAA, PIC DSS and EU Data Protection Directive 95/46/EC desirable.
Behavioral and Interpersonal:
- Strong customer service orientation
- Highly results oriented – Aggressively managing projects to ensure a quality, on time, on budget deliverables.
- The successful candidate will be able to establish and maintain effective working relationships at all levels of organization.
- Demonstrate a high degree of ownership, accountability, and pride in delivering quality results.
- Deals effectively and professionally with pressure (real or perceived) and capably performs and meets requirements while managing and prioritizing work in stressful situations.
- Effective interpersonal skills including facilitation skills and conflict resolution
- Ability to work with individuals of varying degrees of technical understanding; should be able to adjust communication style based on targeted audience.
- Ability to work independently with minimal supervision
Supervisory Responsibility: No direct staff, leads global project teams, utilizes resources within the individual teams.
Sphere of Influence: Global scope
Education and Experience Requirements:
Minimum Level of Education: Bachelor’s Degree or equivalent working experience.
Type of Experience and Minimum Number of Years:
- Must have a minimum of 5 years of experience focused in the Security operations domain.
- Minimum of 7+ years of experience overall in a global mid to large size company (2000 employees)
An Equal Opportunity/Affirmative Action Employer. Women, minorities, veterans, and people with disabilities are strongly encouraged to apply.
<!–
–>
Article source: http://jobview.monster.com/IT-Security-Officer-Job-Cambridge-MA-US-100666279.aspx
View full post on National Cyber Security