Location: Miami, FL
Responsible for leading efforts focused on implementing and managing solutions scanning, analyzing and reporting (as well as involved in remediating) activities that pose a technical security and data risk to the company’s data, services and systems.
Develop methods of efficient troubleshooting for multiple disciplines of security including but not limited to access control, regulatory compliance (SOX, PCI), privacy (DPA, GAPP), network/telecommunications, cryptography, operations and application security.
Lead the Incident Response Team to investigate, escalate, and implement immediate corrective action for critical security incidents that render company applications inaccessible; analyze incidents and evaluate solutions. Escalate to management in writing and open a ticket for any potential vulnerability from internal and external sources.
Administer existing and new security tools according to best practices and compliance guidelines. Establish a technical security committee/forum to pursue and promote cyber secure architectural solutions.
Develop and engineer security solutions using a combination of tools, best practices and procedures to enhance systems security and help protect and defend onboard guests, employees, crew members and corporate’s private and confidential data.
Lead the entire Security team and Network team through quarterly incident handling practice. Incorporate other critical departments as needed.
Resolve incidents and troubles that impact systems and security measures.
Ensure the availability of logs for appropriate monitoring and review for meeting security best practices as well as SOX and PCI compliance standards.
Create and deliver a series of trainings for educating IT team members shoreside and shipside on importance of securing data and its impacts to guest experience.
Run penetration and vulnerability tests quarterly for the discovery of vulnerabilities in the network and web facing applications.
Test, coordinate, push and manage security patches, anti-virus, and anti-malware to computers, laptops and servers across headquarters, fleet-wide and remote offices.
Join local security forums to keep abreast of new threats and share information with other members of the team.
Perform other job related functions as assigned.
EDUCATION: Bachelor’s Degree in Computer Science or related field of study; or any equivalent combination of relevant work experience and training
CERTIFICATIONS: The appropriate level of Professional status, which includes at least one but preferably more: CISSP, CISA, CISM, CRISC, CCNP (R&S, Security and/or wifi), CCIE (R&S, Security and/or wifi), AWS Solutions Architect, VMWare certification (design or implementation), GLEG, GSEC, GCFW, GCIA, GCIH, GCWN, GCIM, G7799, GSNA, SNIA/SCSN-E, and/or MCSE-Security.
EXPERIENCE: 7 to 10 years of experience in IT technical roles, and 3 to 5 years progressively-responsible experience in IT security. Experience in database administration, or web applications security of interest, but not critical. Previous experience in the virtualized server and web application design is desired.