Cyber Security Manager
AerCap is the global leader in aircraft leasing and aviation finance headquartered in Dublin, Ireland. As part of a new strategic IT initiative, AerCap has prioritised investment in Cybersecurity and we are looking for an experienced Cybersecurity Analyst/Manager to manage, monitor and report on all aspects of AerCap’s Cyber security landscape.
The successful candidate requires excellent analytical and problem solving skills combined with a strong track record of working with Security Controls across one or more domains: Access Management, Network Security, Data Security, Vulnerability Management, etc. and also possess excellent knowledge of security standards and industry best practices.
Reporting directly to the Director of Service Delivery, the successful candidate will work closely with the CIO/CISO and will support the Information Security & Compliance Officer in the management of all technology-related security and compliance issues across the organization.
You will also work closely with technology teams on the implementation of policies, procedures and controls to ensure that the organization's practices remain compliant with industry best practice standards, as well as implementing and managing security technologies that will maintain and raise the overall security posture of the organization.
This is a broad, highly interesting, challenging and diverse role requiring the successful candidate to work with a range of technologies and service providers to continuously monitor and improve AerCap’s cyber security systems and processes, be able to truly influence the development of AerCap’s security landscape and be instrumental in ensuring a smooth operation of all systems and managed service providers.
- Day-to-day management of the Cybersecurity portfolio working in close collaboration with internal stakeholders, the retained outsourcing partners and external vendors to monitor and manage all aspects of the security landscape including (but not limited to) infrastructure and application patching, access management, network & data security and more.
- Implement a meaningful set of security monitoring metrics to ensure visibility of all infrastructure and systems/applications, constantly refine the results according to the current threat landscape and report on the IT security posture of the organisation
- Investigate cyber security incidents and operate software/hardware to protect information systems and all infrastructure.
- Provide technical input to all implementations of infrastructure solutions ensuring industry best practice standards are adhered to.
- Manage a regular external and internal scanning/pen testing program.
- Develop and establish security management processes.
- Work with senior management to develop, plan, implement and deliver ongoing information security awareness and privacy training across the organization including the development of metrics and recommending improvements
Job requirements, qualifications, and competencies
- BSc or MSc in Computer Science, Information Security or equivalent experience
- 5+ years of experience in IT Cybersecurity with strong track record of managing a security portfolio
- Solid understanding of industry best practice standards such as International Standards Organization (ISO) 2700x, the IT Infrastructure Library (ITIL), CCM and Control Objectives for Information and Related Technology (COBIT) frameworks.
- Familiarity with applicable legal and regulatory requirements, including, but not limited to, GDPR and the U.S. Sarbanes-Oxley Act (SOx) is highly desirable.
- Up to date industry knowledge and participation in industry forums to ensure access to the latest threat vectors etc.
- Strong project management skills and experience in creating and managing project plans.
- Knowledge of risk frameworks / methodologies is desirable
- CISSP, CISM, CISA or other industry security certifications highly beneficial
- ITIL certification a significant advantage
- Cloud certification and/or experience with Cloud security beneficial
- Experience working with security controls across 1 or more domains: Access Management, Network Security, Data Security, Vulnerability Management, etc.
- Experience of working with/managing NAC, SIEM and PAS/PAM
- Strong experience with securing Windows environments
- Excellent interpersonal, written, and verbal communication skills in English
- Strong problem solving and analytical skills
- Strong communication and presentations skills (oral & written) detail-oriented, strong work ethic, willingness to learn and able to handle multiple priorities and deadlines
- Flexible and self-starting with an exceptional aptitude for dealing with ambiguity, unexpected emergencies, frequent interruptions, and competing deadlines
- Works well independently and as part of a team
- Must be able to work overtime and weekends when necessary
- Demonstrate intellectual curiosity: develops knowledge base and skill set beyond that called for by immediate tasks; pushes the ‘knowledge envelope’; evaluates results of own work and that of others critically vs. purely focusing on production; continuously questions processes and / or methods and seeks opportunities for improvement; thoughtfully challenges conventional wisdom