Aerojet Rocketdyne is a world-recognized aerospace and defense leader providing propulsion and energetics to its space, missile defense, strategic, tactical missile and armaments customers throughout domestic and international markets. We offer a complete line of propulsion products for launch vehicles, missile defense, and advanced hypersonic propulsion.
We are seeking a Director, Information Security Management, Information Security Officer (ISO). This position can be located at our Sacramento or Canoga Park, CA location.
The Information Security Officer (ISO) develops and maintains enterprise security and risk policies, oversees vendor risks, and influences user behavior. The ISO is responsible for managing risks relating to information security, physical security, business continuity planning, crisis management, privacy, and compliance. The role also directs the adoption and implementation of policies and procedures across the enterprise.
Additionally, this role will function as the Chief Architect, responsible for directing the program to develop, maintain, and leverage the enterprise architecture (EA) across the organization. The Chief Architect is also responsible for defining EA processes, such as the EA assurance process, and for leading the integration of these processes with other related business and IT processes.
50% - CISO responsibilities:
50% - Chief Architect responsibility:
Understands “voice of the customer” and develops mechanisms to proactively sense adoption and usage patterns of consumer technologies by end users so that policy can align with need.
S/he proactively shares knowledge of technology risks and opportunities to improve efficiency and effectiveness of the Cyber Security and Enterprise Architecture. S/he partners with business leadership and other key stakeholders to define opportunities and prioritize IT Business Requests and projects based on predefined criteria (e.g. return on investment, productivity, compliance, legal, operational risk reduction, and contractual requirements).
Requires a Bachelor's degree in an appropriate discipline and at least fourteen (14) years of business/industry work experience with a broad range of exposure to various business segments and technical environments.
US Citizenship required. Must be able to obtain and maintain a U.S. Security Clearance at SECRET level (U.S. Citizenship required). Must also be able to satisfy federal government requirements for access to government information, and having dual citizenship may preclude you from being able to meet this requirement.
Familiar with enterprise architecture technologies and concepts: frameworks, collaboration, business strategies.
Demonstrated technology skills across business, applications, data, and infrastructure architecture domains, and experiences in development lifecycle management.
Extensive experience in systems, network, endpoint, and application security.
Must have well-developed change management skills; be effective in working across organizational boundaries to build a case for changes, and to execute on the change plan, from strategy through to ongoing operation and process improvement.
An excellent understanding of security and privacy regulations such as Sarbanes-Oxley Act, Payment Card Industry (PCI), Cardholder Information Security Program (CISP), Gramm-Leach-Bliley Act (GLBA), international privacy laws, and corporate security policies and procedures.
Strong understanding of security and auditing standards such as ISO 17799, Control Objectives for Information and related Technology (COBIT), and National Institute of Standards and Technology (NIST).
Excellent knowledge of information security technology, such as firewalls, intrusion detection systems (IDS), access management, anti-malware, and SIEM technologies.
Extensive multiple domain knowledge for such assets as routers, switches, firewalls, NT, UNIX and mainframe systems.
CISSP (Certified Information Systems Security Professional) or CISM (Certified Information Security Manager) certification - preferably both.
Team and collaboration orientation.
US Citizenship Only Required. Dual Citizenship does not meet job qualifications.
Work Environment and Physical Requirements
Employees in these positions must possess mobility to work in a standard office setting and to use standard office equipment, including a computer; stamina to sit and to maintain attention to detail despite interruptions; may occasionally lift/carry/push/pull up to 15 pounds; may require minimal walking, climbing, stooping, crouching, and/or bending; and vision to read printed materials and a computer screen, and hearing and speech to communicate in person and over the telephone. May require the ability to travel by air or auto. May require the use of personal protective equipment such as safety glasses, safety shoes, and shop coat. These positions may be expected to work varying shifts and hours to ensure successful operation of activities in the organization.