APi is a market-leading provider of safety, specialty, and industrial services in over 200 locations worldwide, primarily in North America. We have a winning culture driven by entrepreneurial business leaders to deliver innovative solutions for our customers. As a family of companies working together, we have the parts to make any project whole.
At APi Group, the mission is clear: We Build Great Leaders. We believe that everyone at APi is a Leader and one of our core pillars of success is our distinct leadership development culture. We provide internally developed, cross-functional development programs across our businesses. Our culture of investing in leadership development at all levels of the organization has created an empowered, entrepreneurial atmosphere that facilitates organizational sharing of knowledge and best practices and enables the development of cross-brand solutions and innovation.
We are currently seeking an Information Security Lead, whose responsibilities include leading security incident response, collaborating with the Security Architect, coordinating security project initiatives, leading daily operations of the Information Security team, and driving continuous security control improvements. This role provides you with an opportunity to have a direct influence on the organization’s ongoing security strategy and roadmap.
- Lead the Security Incident Response program, which includes the Incident Response Plan, playbooks, procedures, tabletop exercises, communication plans, and response efforts.
- Conduct security engineering activities such as configuring and maintaining security tools, testing new capabilities, supporting IT engineer counterparts, and identifying security control gaps.
- Triage & assess security concerns, develop remediation plans, and drive security incidents to resolution.
- Facilitate post incident reviews, document root causes, and work with impacted teams on resolution actions.
- Research industry trends, identify ongoing security threats, analyze new security testing tools, and provide recommendations on the need and usefulness of such services and products.
- Perform investigations and escalation for complex or high severity security threats or incidents.
- Maintain an in-depth knowledge of common attack vectors, common security exploits, and countermeasures.
- Promote security awareness and assist with “human firewall” training, such as phishing simulations.
- Collaborate and consult with staff to discuss computer data access needs, identify security threats and violations, and identify and recommend needed programming or process changes.
- Perform and report on risk assessments, audits, and tests, then coordinate remediation efforts.
- Detect and report any weaknesses in the existing protocols, recommending or implementing improvements.
- Mentor team members and IT partners.
- Other related duties as assigned.
- At least 5+ years of information security engineering/administration experience.
- 3+ years of experience leading teams.
- Bachelor's degree (B. A.) from four-year College or University; or one to two years related experience and/or training; or equivalent combination of education and experience.
- Thorough understanding of fundamental security and network concepts (Operating systems, intrusion/detection, TCP/IP, ports, etc.)
- Proficient in MS Office; Outlook, Word, Excel, Teams, and Visio.
- Excellent written and verbal communications, including presentation skills.
- Flexibility to work occasionally outside business hours to support security incident response, project work, or maintenance window activities.
- Excellent organizational and problem-solving skills with impeccable attention to detail and self-organization.
- Self-directed and motivated, with a positive and willing attitude.
- Security certifications such as CISSP, Security+, CASP, Network+, GCIH, and other GIAC certifications.
- Ability to read network traffic logs and operating systems logs.
- Scripting and programming experience.
- Knowledge and experience with Sarbanes-Oxley and GDPR.
Competencies and Skills:
- Experience with monitoring and responding to security alerts and incidents.
- A technical understanding of IT networks, server administration, and IT applications.
- Proficient, or able to gain proficiency with, a broad array of security software applications and tools.
- Thorough understanding of computer-related security systems such as firewalls, encryption, and password protection and authentication.
APi Group provides competitive compensation and benefits that support the total well-being of you and your family, as well as providing formal learning and development opportunities to continue building great leaders.