The IT Team Lead is responsible for overseeing the IT team, with a strong focus on security, compliance, and infrastructure management. The role requires significant experience in security frameworks, particularly NIST, CMMC, and ISMS, along with deep expertise in Linux-based environments. The IT Team Lead will drive the implementation and management of security practices, ensure regulatory compliance, and provide guidance on systems and network infrastructure management. This position requires hands-on technical leadership, security policy development, and team mentoring to maintain a secure, scalable IT environment.
Key Responsibilities:
- Team Leadership & Project Management:
  - Lead and mentor the IT team, fostering a collaborative and high-performance work environment.
  - Manage day-to-day IT operations, ensuring efficient use of resources and timely completion of projects.
  - Set team goals, define priorities, and oversee project planning, execution, and monitoring to ensure adherence to security and compliance requirements.
- Security & Compliance:
  - Implement and manage security frameworks in line with NIST (National Institute of Standards and Technology), CMMC (Cybersecurity Maturity Model Certification), and ISMS (Information Security Management System).
  - Oversee the development, maintenance, and enforcement of security policies, standards, and procedures.
  - Ensure continuous compliance with regulatory requirements and perform regular security audits, vulnerability assessments, and risk analysis.
- Linux Systems & Infrastructure Management:
  - Manage and maintain Linux-based servers, ensuring system security, stability, and performance.
  - Oversee the installation, configuration, and monitoring of Linux servers and associated software.
  - Develop and maintain automated deployment processes using tools like Ansible, Puppet, or Chef to ensure consistency across environments.
- Incident Response & Monitoring:
  - Establish incident response procedures and manage the team’s response to security events, ensuring timely detection, mitigation, and reporting.
  - Monitor system logs, network traffic, and security alerts to identify and address potential threats.
  - Coordinate with other departments to resolve security issues and vulnerabilities in a timely manner.
- Documentation & Reporting:
  - Maintain thorough documentation of security policies, processes, and compliance requirements.
  - Prepare and deliver regular reports on security risks, compliance status, and system performance to senior leadership.
  - Ensure documentation of system architecture, processes, and configurations is up-to-date and readily available.
- Collaboration & Communication:
  - Collaborate with cross-functional teams to align IT initiatives with broader business goals.
  - Serve as the primary liaison between the IT department and external auditors, security consultants, and vendors.
  - Communicate technical details to non-technical stakeholders clearly and effectively.
Key Qualifications:
- Education:
  - Bachelor’s degree in Information Technology, Computer Science, Cybersecurity, or related field. A master’s degree or relevant certifications (e.g., CISSP, CISM, CISA) are preferred.
- Experience:
  - 5+ years of experience in IT with a focus on security and compliance.
  - 3+ years of experience managing Linux systems in production environments.
  - Proven experience with security frameworks like NIST, CMMC, and ISMS.
  - Experience leading IT teams and managing complex technical projects.
- Technical Skills:
  - Expertise in Linux system administration (Red Hat, Ubuntu, CentOS) including configuration, security hardening, and performance tuning.
  - Familiarity with NIST and CMMC compliance requirements and practical application of these standards in an IT environment.
  - Strong knowledge of ISMS principles and experience implementing information security management systems.
  - Hands-on experience with firewalls, IDS/IPS, VPNs, and other network security technologies.
  - Proficiency with automation tools like Ansible, Puppet, or Chef for managing Linux infrastructures.
  - Understanding of vulnerability scanning tools, SIEM solutions, and security best practices.