Job Description

Director of Information Systems Security

Client – Leader and innovator in their industry continues to show rapid growth. Fantastic offices and work environment, supportive of your life and your efforts. True team environment. Visible position. eCommerce company, thriving and growing, seeks to add a Security Director to their team. Newly created position reflecting growth within the firm.

This position is responsible for all aspects of our IT Technology security ensuring the integrity, confidentiality, and availability of information, networks and systems. Direct responsibilities include developing, maintaining, and executing a strategic roadmap for information security and risk management that includes oversight of the security architecture, controls, processes, standards, policies, and procedures. Responsibilities also include coordination of technology security personnel, projects, risk assessments, investigating and resolving IT security incidents, providing security support and supervising project teams in the design, configuration, testing, and deployment of technology security solutions.

Essential Job Functions

  • Define the security direction for the organization, including systems, networks, user services, in-house infrastructure, leveraged cloud providers, and vendor development efforts
  • Monitor overall IT Security Operations effectiveness on a global basis, across all business units
  • Consult with senior management and internal clients across multiple business units on complex security topics and policy interpretation
  • Exceptionally strong oral and written communication skills, collaboration skills, and experience in presenting technical issues to all levels of management, as well as non-technical staff
  • Contribute to helping others learn industry security tradecraft
  • Analyze technology risks (security, availability, capability, efficiency and integrity) and provide recommendations to enhance the security control procedures
  • Coordinate with stake holders to identify business impact and data classification of assets
  • Develop strategies to effectively use the current security systems and tools to proactively protect and monitor our security posture
  • Establish metrics and KPIs to effectively communicate the current security state of the environment
  • Contribute in developing processes to effectively handle incident response for security events and coordinate investigative activities involving IT security
  • Develop relationships and engage with industry partners, Security Information Exchanges, and other groups to assess industry advances in technical security technologies. Assess security industry trends and provide consultation, recommendations, and implementation advice on emerging technologies
  • Participate in the long-term strategies and planning for security and technical architecture and operations
  • Design system security architecture and develop detailed security designs
  • Other security-related projects that may be assigned according to skills

Job Requirements

  • 4 year undergraduate degree is required, with a strong preference for a technical discipline such as Computer Science or Information Security.
  • 10 years of experience in a combination of security, risk management and technology jobs
  • 5 years of experience as a manager of high-performing technology security teams with job history demonstrating increasing levels of responsibility
  • Achievement of an advanced security-related certification (CISSP, CISM, GSLC, etc.)
  • Knowledge and understanding of relevant information security industry and regulatory obligations (ISO 27001/27002, SOX, PCI, NIST Framework, FISMA, HIPAA, NACHA, SSAE-16, etc.)
  • Experience with information security frameworks such as COBIT, ITIL, etc.

Desired Requirements

  • Advanced degree
  • Mastery understanding of modern enterprise cyber security
  • Proven track record and experience in developing security policies, procedures and standards while successfully executing security projects
  • Strong project management skills and experience in creating and managing projects
  • Proficiency in performing risk, business impact and vulnerability assessments and defining risk mitigation strategies
  • Strong understanding of the business impact of security tools, technologies and policies. Ability to develop and articulate a compelling business case for recommended actions
  • Demonstrated ability to bring conflicting viewpoints to consensus
  • Strong oral and written communication skills, collaboration skills, and experience in presenting technical issues to all levels of management, as well as non-technical staff

 

Application Instructions

Please click on the link below to apply for this position. A new window will open and direct you to apply at our corporate careers page. We look forward to hearing from you!

Apply Online