
Cybersecurity Director
Veris Residential, Inc.
- City: Jersey City
- Experience: 8+ Years
- Degree: Bachelor's Degree
- Amount of Hours: Full-Time
- Virtual / Remote: Sometimes
- Industry: IT / Web, Real Estate
Job Description
Cybersecurity Director
Veris Residential is a forward-thinking, environmentally and socially conscious real estate investment trust (REIT) that primarily owns, operates, acquires, and develops holistically inspired, Class A multifamily properties that meet the sustainability-conscious lifestyle needs of today’s residents while seeking to positively impact the communities it serves and the planet at large. We are guided by an experienced management team and Board of Directors and are underpinned by leading corporate governance principles, a best-in-class and sustainable approach to operations, and an inclusive culture based on equality and meritocratic empowerment.
We unify the vision and expertise of one of the country’s leading REITs. With a new name and a new focus, we are creating new possibilities. Actively envisioning a better tomorrow and doing the work necessary today to go forward together. Diversifying our workforce. Enhancing our communities. Reducing our environmental impact. Increasing our transparency. Making a meaningful difference every way we can.
Overview:
The Cybersecurity Director possesses advanced knowledge of risk management and compliance programs along with technical “hands on” competencies of IT systems, infrastructure, and cloud services. This individual must have strong analytic and soft skills while possessing a willingness for continual learning. The responsibilities consist of security and risk management activities, implementation and testing of security frameworks and controls, processes, and procedures while supporting IT leadership with collecting, compiling, and managing the information necessary to build and maintain an effective and comprehensive Cybersecurity posture, including:
- Developing and implementing a cybersecurity strategy and maturity roadmap that is measurable and effective at protecting the Company and its client residents.
- Formalizing an asset inventory (internal/external), including identification, purpose, owner, risk rank, classification, etc. to ensure that all assets are known and prioritized as part of the Cybersecurity program.
- Implement and lead the Incident Response Team, including internal and external subject matter experts and stakeholders.
- Implement and manage a Vulnerability Management Program, including coordination of ongoing assessments and tracking of remediation activities.
- Implement and be responsible for the Risk Management program that includes Internal Risk and Incident Review Procedures, management of a risk register, and tracking remediation activities and objectives.
The Cybersecurity Director can translate strategy into tactical plans aligned to business objectives/requirements while being responsible for coordinating activities that identify, assess, and mitigate risks to the organization. This role will develop and utilize tools and processes to provide support for the information security program and strategy. This individual will work proactively with minimal supervision and provide leadership for cross-functional teams.
Essential Job Functions:
- Provides information security risk assessment and risk mitigation services with recommendations and strategies for security risk management driving standardization based on regulatory requirements, security frameworks and industry leading practices.
- Works with the organization to create, document, implement, and manage information security policies, procedures, and processes that ensure the confidentiality, integrity, and availability of information assets. Contributes to the formal information security training and provides informal information security awareness and training as needed.
- Participates in the investigation and remediation of security incidents.
- Participates in committees and boards that may include architecture review, change management, and project management.
- Use a security information and event management (SIEM) platform to monitor the company’s network and endpoints for security alerts and investigate incidents.
- Provide second/third-tier responder analysis and investigation of incidents and security alerts from the SIEM platform or those that are escalated by our MSSP provider and/or team members.
- Drive containment strategy during incidents, data loss or breach events.
- Use applications and systems, such as firewalls, IDS, NAC, and data encryption programs, to protect sensitive information and carry out further investigations.
- Support direct dialogue with outside contracted MSSP that supports security control operations.
- Prepare reports that document security incidents and the extent of the damage caused by the incident.
- Proactively engage and provide guidance to client teams around threats, vulnerabilities, and security changes.
- Understand and articulate emerging threats and incidents to different audiences within the client, including technical, operations management, senior management, and executives.
- Research the latest information security trends and incorporate the knowledge to build a strong understanding of the possible impact on the client’s environment.
- Be part of an incident response team that is on call outside office hours.
- Create reports relevant to the function, such as end-of-day summaries, handover reports, management intelligence, and threat and risk analysis.
- Liaise with third parties and vendors when required to troubleshoot SIEM platform, EDR/MDR and other related Cybersecurity matters.
Qualifications and Skills:
- Bachelor’s Degree (Computer Science, Information Security, Business Management, Political Science, or a related field) and/or a combination of Higher Education/Training with comparable experience in lieu of a degree.
- 8+ years of experience with security risk management practices as well as knowledge of regulatory and industry compliance requirements such as NIST, Azure, and Microsoft 365 Cloud Services.
- Excellent knowledge of security methodologies, processes (i.e., Cyber Kill Chain/Diamond Models, and the MITRE ATT&CK framework).
- Excellent knowledge of technical security solutions (firewalls, SIEM, NIDS/NIPS/HIDS/HIPS, AVs, DLP, proxies, network behavioral analytics, endpoint, and cloud security).
- In-depth knowledge of TCP/IP, UDP, DNS, FTP, SSH, SSL/TLS and HTTP Protocols, network analysis, and network/security applications.
- Very good knowledge of common malware threats and attack methodologies.
- Professional Certifications: GCIA, GCIH, GCFE, GCFA, Security+, CCNA CyberOps, OSCP, GPEN, GWAPT, CEH, CISSP, or other equivalent certifications are highly desirable.
- Highly self-motivated and directed.
- Superior analytical, evaluative, and problem-solving skills.
- Ability to motivate in a team-oriented, collaborative environment.
- Demonstrated ability to mentor less experienced team members.
Reports to: CISO/VP
The salary range for an experienced Cybersecurity Director in the New Jersey area is $165,000-185,000 per year (base salary) plus bonus of 15%.
This is a hybrid position (remote/on-site in Jersey City, NJ). Candidates must be able to regularly travel to the office in Jersey City.
Veris Residential, Inc. has a proven record of success along with competitive compensation and an excellent benefits package which includes medical, dental, vision, FSA/DDC, company paid life insurance, supplemental insurance programs and 401(k).
Put your career on our fast track to success by contacting us now!
For more information, log on to www.verisresidential.com. Resumes are also accepted by fax: 732.590.1005
Veris Residential is an equal opportunity/affirmative action employer. Veris Residential does not discriminate against applicants on the basis of race, creed, nationality, sex, color, religion, national origin, ancestry, age, genetic information, mental or physical disability, marital status, familial status, domestic partnership status, civil union status, affectional or sexual orientation, gender identity or expression, atypical cellular or blood trait, military status or any other category protected by federal, state or other law applicable in the location of employment.