Skip to content

NewPush Open Positions

Job Summary – Manager, Information Security

We are looking for an experienced security leader to join our team. As a security leader, you will build and manage a team of security engineers and leaders, fostering a strong team culture. You and your team will be responsible for reviewing and testing our new services before release, partnering closely with our development teams to produce innovative and secure solutions. We're looking for a leader that's highly passionate about building a high-performing security team. Ideally, you have a track record of delivering high-quality technology products and services in a hyper-growth environment where priorities shift quickly. You should know how to prioritize, communicate clearly, and understand how to drive a high level of focus and excellence with a strong team. In particular, AppSec operates on a very large scale and demands high standards, so a passion and discipline around security and delivery is critical. You will own a TPRM (Third Party Risk Management) process and you will be responsible for vendor security assessment and management. A high level of ownership and accountability is essential.

Purpose

Build and lead a team of security engineers and leaders to deliver high-quality technology products and services in the field of IT Security.

Main Duties

  • Responsible for directing IT Security efforts
  • Conduct performance evaluations of team members and address performance issues or successes (considerations for promotions)
  • Maintain and monitor high availability and high security hosted IT systems
  • Perform specific tasks related to DevOps for projects to satisfy customer expectations and deadlines
  • Document issues, changes, and solutions to maintain a history of resolution
  • Direct the assessment of access management, authentication, and authorization
  • Evaluate internal control deficiencies and ensure remediation strategies are correct as proposed by external/internal audit or internal control staff
  • Enforce process and best practices to provide high-security hygiene in the internal systems and provided services
  • Monitor for new vulnerabilities and trends, and plan mitigations in advance

Position Technical Requirements

  • Proven focus on the delivery of Cyber Security managed services
  • Experience in Azure / Office 365
  • Experience in Active Directory / LDAP
  • Experience in Linux (CentOS, Red Hat)
  • Experience in networks (DNS, routing, firewalls, IPS/IDS+)
  • Experience in Windows Server 2008 / 2012 / 2016 / 2019 systems
  • Experience using Continuous Integration and Continuous Delivery including DevOps and DevSecOps

Required skills

  • 2-3 years of experience leading, managing & developing high-performance teams
  • 5+ years of experience in information security
  • ME/MS in cyber security, computer science or equivalent knowledge/experience
  • Strong information security risk-based prioritization abilities
  • Hands-on knowledge of information security technologies, such as security design review, threat modeling, risk analysis, and software testing techniques
  • Strong bias for action with a proven ability to handle high stress, time-sensitive security tasks
  • Experience managing remote team members
  • Excellent written communication skills, with a focus on translating technically complex issues into simple, easy to understand concepts
  • Close attention to detail
  • Ability to understand the business and to take care of budgetary responsibilities

Job Summary – Senior Manager IT Compliance

The Senior Manager IT Compliance will be a member of the IT SOX Compliance team in Baltimore, MD. The ideal candidate will have a thorough understanding of IT controls and monitoring. They will be responsible for implementing monitoring and audit activities related to IT compliance. They will also participate in multiple key initiatives to enhance IT Compliance (SOX, FERPA, PCI; Privacy Laws).

Purpose 

Direct IT Compliance efforts to implement, enforce and monitor IT Sarbanes-Oxley (SOX) Compliance and equivalent complexity security controls.

Main Duties

  • Manage the documentation and assessment of IT internal controls over financial reporting as part of the ongoing Sarbanes-Oxley (SOX) compliance effort
  • Responsible for directing IT compliance efforts for all institutions within a large geographic region
  • Provide leadership and guidance to a team of IT SOX Compliance professionals
  • Direct the assessment of access management, authentication, and authorization
  • Evaluate internal control deficiencies and ensure remediation strategies are correct as proposed by external/internal audit, or internal control staff
  • Oversee the creation of efficient procedures and methodologies to test controls relevant to SOX
  • Responsible for compliance results and corresponding reporting
  • Build meaningful metrics to demonstrate continuous improvement in the audit process and in the efficacy of internal controls
  • Create specific metrics to monitor control deficiencies and remediation accountabilities across all IT functional groups
  • Supervise daily activities of IT SOX Compliance Analyst personnel
  • Coordinate with IT Executive Regional CIOs, local IT Management and Compliance teams to identify automation opportunities to streamline application and infrastructure controls across IT functional groups
  • Coordinate with IT personnel across the enterprise to implement required controls, ensure these controls are executed, and maintain appropriate evidence
  • Prepare and/or review reports that are requested for the reporting of SOX IT-related information to various levels of management
  • Responsible for coordinating with IT process owners on updating IT SOX documentation
  • Provide guidance on internal financial policies and procedures with respect to IT controls
  • Develop and execute SOX Compliance training and awareness programs based on audit findings and regulation(s) changes
  • Work with IT Compliance due diligence programs for new acquisitions and develop plans as required based on GAP analysis results and requirements
  • Negotiate and influence business process transformation and process improvements with business owners and systems stakeholders
  • Implement policies, processes, and systems aligned with the strategic roadmap and in support of near-term deliverables (audit and other)
  • Constantly on alert for potential areas of vulnerability or risk; able to work with management and operations to develop contingency plans and make critical decisions for the regional institutions
  • Ensure that monitoring programs are in place to measure efficiency and identify potential areas for improvement

 

Required skills

  • Bachelor’s degree in technology, business, or accounting. Postgraduate degree preferred
  • Minimum of 10 years of experience in IT and/or auditing work experience
  • Minimum of 5 years of experience in SOX IT Compliance
  • Strong change management and negotiation skills with the ability to work within a matrix-run organization
  • Experience in developing and deploying best practices, policies, procedures, and processes
  • Excellent written, verbal and communication skills
  • CISA, CISM, or equivalent professional certification desirable
  • Technical knowledge
  • Excellent oral and written communications skills
  • Sense of urgency and good execution skills
  • Team player
  • Detail orientation, and the ability to record, organize, and communicate detail

Job Summary – Senior Technical Project Manager

You will be part of the executive team, intimately involved in planning, tracking, and delivering NewPush projects, including intellectual properties such as TrACE Platform. In this role, the ideal candidate will be working closely with NewPush leadership to provide oversight on activities across different functional areas, including development, QA and infrastructure team, and technical architects. The incumbent will be coordinating release activities and ensuring releases are delivered successfully and within schedule and budget.

Purpose 

Ensure that we are delivering powerfully and cost-effectively on all assigned internal and customer projects. 

Areas of Accountability

  • Oversee implementation
  • Liaise with clients and suppliers/colleagues
  • Grow the team of our internal people (both staff and dedicated contractors)
  • Ensure our processes continue to be developed, updated, and documented as we grow

Responsibilities and Duties

Planning

  • Identify desired outcomes
  • Clarify needs and availability for internal/external staff and resources 
  • Build detailed project plans, including timelines and schedules
  • Identify potential risks, and develop mitigation strategies as needed
  • Agree with the customer on appropriate granularity for tracking
  • Develop desired tracking for customers
  • Agree with customers on governance around changes  

Oversee implementation

  • Guide the staff to ensure effective implementation
  • Track progress against the project plan
  • Identify a critical path
  • Anticipate and prepare to alleviate potential roadblocks and difficulties
  • Troubleshoot issues as they arise 
  • Conduct project meetings as needed 
  • Keep all appropriate parties in the communication loop

Liaise with clients and suppliers/colleagues

  • Publish customer progress reports as agreed
  • Coordinate logistics as necessary to ensure the smooth delivery of milestones
  • Engage change management and governance, and adjust the plan as needed

Grow the team of our internal people (both staff and dedicated contractors)

  • Conduct lessons learned throughout the project
  • Ensure that each person has goals for growth in addition to project achievement
  • Track and report on staff growth and progress in addition to project progress

Ensure our processes continue to be developed, updated, and documented as we grow

  • As new processes are developed, ensure that they are documented in the official knowledgebase (e.g. Confluence)
  • As processes evolve, ensure that they are updated in the knowledgebase
  • Conduct regular knowledge sharing sessions
  • Elicit suggestions and feedback for continued development and streamlining of our processes
  • Update knowledgebase with lessons learned, and ensure that other projects in flight benefit immediately 
  • Share challenges and successes with other project managers to break through knowledge silos

Position Technical Requirements

  • Mature understanding of containerization, particularly Docker and Kubernetes
  • Proven focus on the delivery of Cyber Security managed services
  • Plan and execute new projects and ensure operational systems adhere to sound security policies and processes with a focus on reporting, tracking, and closing any potential challenges before they become issues
  • Hands-on experience in designing complex and multi-faceted implantation 
  • Demonstrable experience in delivering projects under budget and on time
  • Ability to lead by example and communicate effectively with the development team
  • Strong understanding and experience in data structures
  • Demonstrable understanding of data pipeline technologies, such as Kafka and/or RabbitMQ
  • Relational Database Knowledge, including MSSQL and MongoDB
  • Previous management experience in continuous integration and delivery, including DevOps and DevSecOps
  • Deep expertise in delivering program objectives and timelines, and estimate cost and effects required for large Identity & Access Management (IAM) and data analytics projects
  • Hands-on Front and Backend experience with Brainwave GRC software
  • Experience architecting, building, delivering products and services to satisfy Sarbanes-Oxley (SOX) compliance requirements, PCI compliance requirements and other security mandates
  • Oversee contracts with external vendors ensuring communication of expectations and verification of delivered services
  • Experience with Agile/SCRUM

Required Skills

  • 7+ years of hands-on software programming experience building applications and offerings 
  • 7+ years solid experience with delivering successful cybersecurity programs
  • 3+ years of real-world development experience 
  • 3+ years of experience in multiple layers of OSI stack
  • Excellent verbal and written communication skills, including polished presentation skills 
  • Expert-level expertise in articulating complex technical issues to both technical and non-technical audiences, in a clear and understandable manner
  • Willingness to adapt and evolve to technology changes
  • Ability to work independently and within a team

Other Required Attributes

  • Positive
  • Resourceful
  • Bias for action
  • Strong at the completion
  • Anticipates well
  • Looks to contribute
© 2021, All rights reserved. | NewPush LLC. | newpush.com