Since 1928, ASPLUNDH TREE EXPERT, LLC. has been dedicated to safe, efficient and innovative clearance services to the line clearance industry. A family-owned and operated corporation headquartered near Philadelphia, Pennsylvania, Asplundh has grown to employ over 34,000 diverse, energetic professionals throughout the U.S., Canada, New Zealand and Australia.
At Asplundh, our mission is to be the recognized world leader in providing professional, safe, cost-effective and environmentally sustainable vegetation management and other utility-related services. We challenge our people to consistently exceed the expectations of the customers for whom we work and the people they serve.
Our mission drives us. Our people inspire us. Asplundh values your skills, education and experiences. Join us on our mission to becoming the world leader in utility-related services!
The Cyber Security Team Lead will report directly to the Chief Information Officer (CIO) and will be responsible for overseeing the cyber activities of the entire organization. He/she will be a key leader in a growing team that is transforming with the business, addressing new technical challenges by implementing, enhancing, and monitoring security and the privacy controls to support Asplundh's strategic growth objectives. As a leader, he/she will act as an internal consultant to business and information technology delivery teams,
He/she will also architect and design solutions that are strategic for the business using the latest technologies and techniques. Utilizing in-depth knowledge of infrastructure, open source technologies, data & security engineering practices, the Team Lead will develop the strategy, achieve business and engineering buy-in, and monitor execution toward the target architecture across the enterprise.
We are looking for a motivated and dedicated information security practitioner to expand and evolve our existing security program. If this sounds like you, we look forward to seeing your application.
Design, implement and coordinate appropriate controls to ensure that risks stay within acceptable tolerances.
Continually assess our products and our organization for risks and vulnerabilities.
Detect, assess, investigate, and resolve security incidents.
Effectively communicate security requirements and operational needs to management and others in the organization.
Work with development teams to ensure that new features are designed and implemented securely.
Be a resource for all employees to consult about security and privacy issues.
Maintain and enhance an existing suite of automated vulnerability scanning tools.
Investigate and respond appropriately to third-party vulnerability reports.
Assist in the process of defining, executing and continuously improving our internal security architecture processes.
Support and enhance the current technical and business security posture, helping to ensure all staff are aware of the part they play in securing the company's security awareness.
Required Skills and Experience
5+ years of information security experience.
Solid grasp of application security issues relevant to web applications.
Penetration and vulnerability management knowledge required.
Strong verbal and written communication, and the ability to tailor your message to audiences across and beyond the organization.
Proven ability to lead and deployment of a Security Architecture.
Strong knowledge of Penetration and vulnerability management.
Experience in Cyber Risk analysis (threat assessments).
Experience in Application scanning (dynamic and static).
Knowledge of TCP/IP, system networking, routing, and switching.
Knowledge of Next-generation firewall, intrusion detection/prevention, and web application firewalls.
Management and of Security Information and Event Management solutions, prefer (QRadar).
Experience in On-premise (Windows / AIX / Linux) and cloud environments (Azure, IBM, Oracle).
Knowledge of Cloud Computing (dev/ops, sec/dev/ops).
ISC2 CISSP or similar certification required.
Knowledge of NERC/FERC CIP compliance.
ADDITIONAL PREFERRED SKILLS
Monitoring, reporting, and rule updating in Palo Alto Next Generation Firewalls
Experience in collaborating with third-party managed security services such as Rapid7 or others..
Knowledge of either PCI or GDPR.
Experience in large geographically dispersed companies.
Familiarity with NIST and other security/risk frameworks.
This position requires a bachelor's degree or equivalent experience, in a technical field.
Activity: R O F C Activity: R O F C Standing X Seeing X Walking X Reading X Sitting X Reaching X Stooping X Range of Motion X Kneeling X Hearing - Speech Range X Squatting X Depth Perception X Body Twisting X Color Vision X Crawling X Lifting X Sense of Touch X Carrying X Manual Dexterity X Pushing X Speaking Clearly X Pulling X Seeing Distant X Climbing Ladders X Climbing On/Off Truck X Climbing Stairs X Climbing X Balancing X Gripping X Lifting up to 10 lbs X Lifting over 10 lbs to 50 lbs X Lifting up to 50 lbs X
Rarely = less than 10% Occasionally = up to 33% Frequently = up to 66% Continuously = 67% to 100%
Individuals must be able to perform the essential functions of the position with or without a reasonable accommodation. Individuals with a disability who desire a reasonable accommodation should contact the ADA Coordinator at 1-800-248-8733, ext 1339.
An Equal Opportunity Employer, including disabled and vets.
Equal Opportunity Employer, including disabled and veterans.
If you want to view the EEO is the Law poster, please choose your language: