Cyber Defense Group (“CDG”) is a group of passionate information security experts working together to solve complex problems in the modern cyber age. Our clients range in size, industry and complexity, but all look to CDG to provide top-notch consultancy services. We are entrepreneurial in spirit and curious about the evolution of our industry and advancement in technology.
If you’re an A-player with a great work ethic and passion for all things security, please send your resume/CV to firstname.lastname@example.org.
Security Technical Program Manager (STPM)Overview:
CDG is seeking a STPM to help us drive security program implementation with our expanding client portfolio. As a STPM, you will define and execute the client’s security program. You will work very closely with the client’s engineering and business teams and other CDG consultants to define long and short term roadmaps, break them down into smaller projects and drive implementation. You will take vague problem statements, develop project charters, actionable technical designs and realistic schedules that drive the clients security program forward. You are a master of dealing with prioritization, unexpected blockers, and resistance to change.
- Responsible for defining security architecture and implementation specifications to operationalize Security Programs for CDG clients.
- Influence and align with client stakeholders on program priorities, break down high level strategies into smaller prioritized projects, define resource allocation and ensure there is continuous progress.
- Evangelize security program goals across the client's organization and drive execution of security architecture, engineering, and implementation roadmaps
- Consult on security topics that may be very broad to hyper specific in areas such as secrets management, vulnerability management, secure software development, application security, bug bounty, authentication, and others.
- Develop metrics to measure program success and operational effectiveness
- Prepare and deliver weekly, monthly, quarterly and annual reports to share program progress and deliverables to stakeholders.
- A STPM that is truly technical. Ideal candidates should have at least 5 years experience as an IT or security engineer.
- You are passionate about learning and technology.
- You have managed technical projects within on-prem and cloud environments.
- This role will work deeply with engineering teams to define and implement security processes and tools that meaningfully move the program forward.
- Exceptional communication, time management and interpersonal skills. The STPM will often be the face of the CDG lead security program at the client and will need to have above average communication skills, punctuality and business acumen. The STPM must have the courage and will to overcome resistance, competing priorities and changing business requirements.
- A self starter that will dig up their sleeves and dive into client environments to deeply understand the clients needs, define actionable plans and drive change.
- Bachelor’s degree preferred but not required.
- At least 5 years of experience in information security, and a true passion for the work.
- An entrepreneurial spirit and a desire to work with much autonomy and often with little direction.
- Exceptional communication and advocacy skills, both verbal and written, with the ability to express complex technical issues in an easily understood manner. This role will be interfacing directly with C-level executives of client companies, and must have exceptional presentation and report-writing skills.
- In-depth experience with cloud security tools as well as manual techniques.
- Ability to multi-task and work in an agile environment.
- Applicants selected for this position will require background screening.
- Must be available to work on an as-needed basis during critical times.
- Ability to protect all forms of highly confidential and proprietary business information and ability to maintain the highest standards of privacy and security.
- Ability to follow and abide by all information and security policies and practices.
- One or more information security certifications (i.e. CISSP, GSEC, CCSP, CCSK, any AWS, GCP or equivalent cloud security certifications.).
Please send your resume/CV to email@example.com to apply for this role.