Security Department
The Vantage Cybersecurity Department for Vantage Data Centers is very hands-on. In most cases, we specify, purchase, configure, and maintain all networking and server hardware. We also work closely with partner Value Added Resellers (VARs) to learn about the latest technological changes so that we can make informed purchase decisions. We are always looking for ways to strike the best balance between technology, performance, and cost. Vantage Security Department also participates in designing each of our new data center building's security infrastructure. If you like getting your hands dirty and helping to design, build and maintain Security infrastructure in a modern data center, then come work at Vantage. We're expanding with many new builds!
Essential Job Functions
Risk Management & ISMS Support:
- Manage the ISMS risk register, ensuring that risks are identified, assessed, and mitigated effectively.
- Provide oversight on cyber risks and the implementation of appropriate controls.
- Support the ISMS program by ensuring compliance with relevant standards and conducting periodic gap assessments.
Cybersecurity Oversight:
- Maintain and track regional KPIs and global standards
- Manage, support, and maintain Vantage's security environment.
- Act as a contact for end users and individuals reporting cybersecurity issues, questions, or concerns.
- Support AI Initiatives and governance.
GRC Program & Project Management:
- Manage GRC programs and projects as assigned, ensuring that objectives are met and risks are mitigated.
- Maintain and manage policies, procedures, standards, and the Confluence site for all documentation, ensuring accuracy and conducting annual reviews.
Audit Support & Compliance:
- Support internal and external audits by providing necessary documentation and responding to audit inquiries.
- Perform periodic gap assessments to validate compliance on an ongoing basis.
Incident Response & Triage:
- Support triage and investigation of security alerts to identify potential threats and take appropriate action
- Participate and support the Business Impact Analysis (BIA) and Crisis Management Framework (CMF) Documentation
Documentation & Communication:
- Create documentation and presentations for leadership and stakeholders on relevant topics and issues.
Professional Development:
- Engage in ongoing training and professional development to stay current with the latest cybersecurity threats, vulnerabilities, trends and technologies.
Additional Duties:
- Handle additional duties as assigned by Manager.
Job Requirements
Education:
- 5 or more years of IT or Cybersecurity Experience or Bachelor's degree in Computer Science, Information Technology, Cybersecurity plus 3 years or more of equivalent years of experience.
- CISA, CISM, ISO 27001 Lead implementer, 27001 lead auditor certifications preferred but not required.
Experience:
- Minimum of 3 years leading cybersecurity projects or deployments
- Demonstrated experience in enterprise risk management with strong understanding of cyber threats, vulnerabilities, probability, and impact.
- Experience with IT governance, risk, and compliance management in a complex global environment.
- Experience with scripting and automation (e.g., Python, PowerShell), preferred.
- Experience with vulnerability management and end point security
- Deep understanding of M365 products such as Teams, EXO, SPO, Power Platform, Office.
- Data Center experience is strongly preferred, but not required
Skills:
- Ability to excel in a fast paced and rapidly changing environment.
- Familiarity with regulatory requirements and frameworks (e.g., GDPR, COBIT, NIST).
- Understanding of cloud security principles and technologies (e.g., AWS, Azure, Google Cloud)
- Familiarity with ISMS and security frameworks, particularly ISO 27001/27002 and NIST RMF.
- Strong understanding of fundamental information security concepts and technology.
- Proficiency in written and oral communications across multiple stakeholder groups ranging from junior staff to senior executives.
- Strong background in process development, documentation, and continuous improvement.
- Experience developing Standard Operating Procedures (SOPs), job aids, and hands-on training materials.
- Preferred Tooling Experience:Tenable
ServiceNow
Microsoft 365, Defender, Purview, Entra
Confluence
SharePoint
ClickUp or Jira
- Travel required is expected to be up to 15% but may increase over time as the business evolves.
