Realty Income, The Monthly Dividend Company®, one of four San Diego based S&P 500 companies dedicated to providing shareholders with dependable monthly income. Our company is structured as a REIT, and its monthly dividends are supported by the cash flow from over 6,000 real estate properties owned under long-term lease agreements with regional and national commercial tenants. To date, our company has declared over 600 consecutive common stock monthly dividends throughout its 50-year operating history and has continually increased the dividend since Realty Income's public listing in 1994 (NYSE: O). Our company attracts individuals who value integrity, perseverance, and teamwork. If you appreciate working in a professional environment that rewards employees based on merit and values a work-life balance, make sure to apply today!
As Realty Income’s Information Security Manager, you will be responsible for the development and management of Realty Income’s cybersecurity program(s) to ensure company and employee data is protected from breach and malicious activity. Reporting to the Vice President, Information Technology, you will ensure that the security program is operating efficiently, and that security controls are designed using industry best practices and standards. Based out of our Atlanta location, this role will be temporarily remote.
Your Contribution to the Team Includes
Information Security Program Management
- Ensure the information security program is operating effectively and efficiently.
- Enhance existing security processes and procedures and implement security controls and polices that align with NIST and FFICE cybersecurity frameworks.
- Periodically perform cybersecurity risk assessments and design controls and policies to address new and changing areas of risk.
- Maintain and create cybersecurity policies, standards, procedures, and guidelines.
- Create comprehensive dashboards and reports for company leadership.
- Work with IT team members to design and implement new security controls, processes, and procedures.
- Review and configure all security platforms to produce high-quality and actionable security alerting.
- Work with IT team members to make system hardening recommendations.
- Work with IT team members to ensure essential security and operational logging is being collected, analyzed, and relevant security alerts are being generated.
- Work with IT team members to respond to and prioritize security alerts or notifications.
- Perform periodic technology inventory and asset risk classification review. This review consists of hardware assets, mobile assets, applications, data, and user accounts.
- Review all new software and technology decisions to understand the impact to security, make recommendations on how to address any security related issues.
Cybersecurity Awareness Program and Security Testing
- Manage the internal cybersecurity awareness program (Knowbe4).
- Provide periodic cybersecurity training and information to employees.
- Perform quarterly phishing test (Knowbe4).
- Work with 3rd party security vendors for penetration testing and other security assessments.
Security Incident Response
- Respond to security alerts generated from internal systems.
- Respond to internal employee or vendor security notifications.
- Participate in Incident Response testing, planning and execution.
Vulnerability Management Program
- Manage and administer the company vulnerability management program and platform(s).
- Ensure all Realty Income IT assets are scanned for software and operating system vulnerabilities.
- Ensure any custom developed application source code is scanned for vulnerabilities.
- Ensure discovered vulnerabilities are being prioritized and vulnerability remediation activities are occurring within the timelines documented in the company vulnerability management policy.
What You'll Need to be Successful
- Bachelor’s Degree from a four-year college or university in Computer Science / Information Technology; or eight years related experience and/or training; or equivalent combination of education and experience.
- CISSP (Certified Information Systems Security Professional) Certification
- More than 3 years’ experience in an Information Security role.
- At least 3 years’ experience in a technical IT role (System Administration/Network Administration/DevOps).
- Critical thinker and problem solver with the ability to make decisions and effect change throughout the organization.
- Strong, experienced leader and consensus builder with excellent verbal and written communications skills.
- Strong organizational, interpersonal, and administrative skills with a high degree of professionalism.
- Excellent negotiator with the ability to work in a team environment.
- Excellent analytical and problem-solving abilities.
- Solid technical background with an ability to give instructions to a non-technical audience.
- Extensive experience writing and implementing formal security policies and procedures.
- Experience working with and securing Microsoft Windows operating systems, Microsoft Office 365, Azure AD and Microsoft Active Directory.
- Strong networking skills (TCP/IP).
- Experience with common industry SIEM platforms.
- Experience with common industry vulnerability management platforms.
- Knowledgeable about Data Loss Prevention (DLP) concepts and techniques.
- Programming and application development experience is preferred.
- Knowledgeable about cybersecurity frameworks (NIST, FFIEC).
In response to COVID-19, Realty Income has maintained our business operations and have open opportunities, yet made necessary adjustments to our hiring process. We are conducting all steps of the interview process in a virtual capacity. In response to California’s Stay at Home order and other states with similar provisions, our employees will continue to work remotely until these restrictions have been lifted and it is safe to work in an office again. Realty Income has endeavored to be adaptable and strategic in our capacity to maneuver in an unfamiliar situation, and we pride ourselves on our resilience. We immensely appreciate both your flexibility and consideration of Realty Income for employment.
To all recruitment agencies; Realty Income does not accept unsolicited agency resumes. Please do not forward resumes to our job’s alias, Realty Income employees, or any company location. Realty Income is not responsible for any fees related to unsolicited resumes.
5+ to 7 years