3D Systems, Inc. Cyber Defense Principal in Rock Hill, South Carolina
3D Systems, a leading global provider of 3D printing solutions, is seeking a Cyber Defense Principal. The individual will be responsible for 3D Systems Information Security application systems and the protection of 3D Data and Systems. The individual will own responsibility for one or more information security platforms such as Cyber Defense, Governance, and Risk, Compliance, or Disaster Recovery. The individual will be part of the Incident Response Team and will own the on-call schedule and assignments of security engineers, analysts, and interns, and will be subject to on-call and after-hours duties on a rotating basis with other team members. Influences and guides 3D Systems personnel on emerging information security threats and technologies and ways to mitigate those threats. Will own security solutions that meet the needs of the business as well as the over-all security program based on the risk.
_PRIMARY JOB FUNCTIONS_
Provide enterprise strategic direction for implementing regional and global IT security architecture to maximize 3D Systems defensive posture while minimizing IT security spend.
Responsible for all aspects of the global security platforms. Serves as the senior IT resource that ensures the global IT standards are effectively implemented in all applicable regions.
· Design, develop and implement documents and procedures that support and enforce security standards, policies and procedures to raise the security posture while lowering the risk.
· Define and understand the current environment and the ability to detect critical security vulnerabilities and risks, then provide feedback on timely remediation of security issues or incidents to management.
· Ensure compliance with all external regulatory compliance programs corporate wide.
· Design, and implement information security documentation standards for security engineers and analyst to follow.
· Ensure security policies and procedures are adhered to and followed by security personnel.
· Maintain relevant security knowledge by attending security events and conferences.
· Review and validate penetration test findings for validity.
· Validate implementation of recommended security configuration changes identified by penetration test findings.
· Establish guidelines for security personnel to follow when interacting with business partners.
· Provide feedback and guidance to Security Engineers, Analyst, and Interns as needed.
· Effectively communicate security risks to 3D Associates, Stakeholders, and Management.
· Experience management and ownership of security tools and applications in a corporate environment.
· Recommend and influence security vendor selection and business requirements for security tool selection.
Education and Training
Bachelor’s degree in Computer Science or related field, or equivalent combination of industry related professional experience and education.
Master(s) in information security or related field preferred.
6-10 years of experience in an information security role with progressive responsibility.
Experience with NIST, SOX, HIPAA or other information security related frameworks or regulations.
Previous management of a Security Application or department for 2 years or greater.
Knowledge, Skills & Abilities
CISSP, CISM, CCSP or other information security related certification(s).
Ability to convey technical information clearly too all groups and individuals concisely, and clearly verbally and in writing to individuals with limited technical expertise.
Experience in information security for a manufacturing environment for international company highly desirable preferred.
_WORKING ENVIRONMENT /PHYSICAL DEMANDS_
The work environment characteristics and physical demands are representative of those an employee encounters while performing the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
It is the policy of 3D Systems to ensure a safe, healthy workplace for all its employees. All employees are expected and encouraged to participate in safety and health program activities including reporting hazards, unsafe work practices and accidents immediately to their supervisors or Human Resources; wearing required personal protective equipment; and participating and supporting safety activities.
_CODE OF CONDUCT_
All employees are expected to understand and adhere to the standards defined in the Company’s Code of Conduct and Corporate Culture Guidelines.
Title: Cyber Defense Principal
Location: SC-Rock Hill
Requisition ID: 180000UX
Other Locations: US-CO-Littleton