Senior Director of IT Security

anunciocaducado

Detalles del trabajo

Area del puesto: Servicios Generales / Varios

Publicación: hace 3 años
Ubicacion del puesto: Florida - Estados Unidos
Trabajo remoto: No
Descripción

Please send resume in Word format if you are interested in this Senior Director of IT Security opening near Daytona Beach, FL 32114 (Orlando, Tampa, Jacksonville) area.

This is a HANDS ON role and the person should have experience w/ IT Security, App Security, & GRC (they want a jack of all trades). Salary for this role will pay in the $125K-$150K range and solid benefits!!!!! There will be a relocation package for this role as well. They need to hire yesterday and all interviewing will be done via phone and video.

If you are not interested, please forward to your network. AMS Staffing offers referral fees should they be hired. 

Job Title: Director of IT Security

Location:  Daytona Beach, FL 32114

Salary: $100K to $145K range + excellent benefits!!!

Term: Permanent / Full-Time Role

Please reply with an updated resume in Microsoft Word format.

You will be responsible for building a Security program from scratch for the most part and will be hiring 4-6 employees in the coming months. You will be assembling your team. They want someone w/ a personality, hands on Security exp, and the ability to navigate w/ different divisions w/in the company as well as vendors and C-level executives.

The Sr Director of Information Security is responsible for providing technical leadership around our client's Information Security Practice. The selected candidate is a hands-on management; responsible for development, implementation and management of information security for this enterprise. Collaborative leader is number one requirement.

The selected candidate is expected to be able to act in leadership roles and interface with a variety of team members throughout the organization. The candidate will lead a team of security specialists focused on Technology compliance and Technology security. Candidate is expected to be highly experienced in Systems Administration Practices, Software as a Service Applications and Compliance Management of SOX, PCI DSS, FRCP, PII (including HIPAA) and others.

ORGANIZATION: INFORMATION SECURITY

Reports to Vice President Enterprise Technology and directs the teams and functions of incident response, operations, engineering, identity and access management, and application security; establishes the information security strategy and develops roadmaps to help mitigate information risk.

SCOPE: SR. DIRECTOR, INFORMATION SECURITY

• 50% - Directs the organization’s teams, processes, and technologies, in alignment with corporate objectives, to deliver on the information security strategy.

• 20% - In partnership with the Vice President Enterprise Technology, establishes the information security strategy, vision and roadmap of information security efforts. Establishes operational plans and risk reduction roadmaps that deliver on the strategy.

• 15% - • Directs, coaches, and develops a team of 5 direct reports consisting of senior to entry-level infosec professionals.

• 15% - Oversees the information security contracts with third parties; budget preparation, projects planning, and internal/external reporting.

RESPONSIBILITIES

• Serve as an internal information security consultant to the organization monitoring advancements in information security technologies

• Monitor changes in legislation and accreditation standards that affect information security. Stay abreast of the latest thinking, technologies, and security literature.

• Initiating, facilitating, and promoting activities to foster information security awareness within the organization. Security Management/Leadership

• Ability to lead a team of direct reports responsible for Access Administration and Security Analyst functions.

• Ability to lead cross functional teams from Human Resources, Legal, Marketing, Technology and others in the management of day to day activities associated with Information Security

• Ability to lead cross functional project teams in the fulfillment of a project initiative • Responsible to work with broad team to complete annual PCI compliance and certification process.

• Point of contact for cyber liability insurance carrier. Work closely with our Risk team to stay aligned to renewals, changes, etc.

• Prepare key management reporting relating to the state of IT security for quarterly audit committee updates.

• Accountable for management of annual security awareness training.

• Prepare the annual operating and capital budget for IT Security. Review monthly expenses and ensure forecasting is accurate representing anticipated spend.

• Lead the IT Security Compliance Steering committee. Engage the committee on relevant IT security concerns that may impact business. Secure Systems Management

• Ability to plan and organize work consistent with the strategic goals

• Identify priority activities and assignments and to ensure the effective monitoring and implementation of work plans

• Reviewing all system-related information security plans throughout the organization's network.

• Monitoring and reporting of IT security events, incidents, and vulnerabilities.

• Ensure the integrity of host computers, servers, databases, laptops, firewalls and other devices for secure data transfer. • Troubleshoot and repair information security tool implementations.

• Assist efforts to determine information security frameworks, requirements, direction and system recommendations. • Maintain existing capabilities, make recommendations and implement appropriate up to date security technologies such as encryption, anti-virus software etc. as needed.

• Configure existing technologies in an effort to solve operational issues.

• Internal Control Management

• Monitor internal IT control systems to ensure that appropriate information access levels and security clearances are maintained. Risk Assessment

• Performing information security risk assessments and serving as the internal auditor for information security processes.

• Perform annual penetration testing and risk assessments against assets and processes. Disaster Recovery/Business Continuity

• Assist in preparing the organization's disaster recovery and business continuity plans for information systems. Policy and Procedure

• Documenting the information security policies and procedures.

• Implementing the organization's information security policies and procedures.

• Monitoring compliance with the organization's information security policies and procedures among employees, contractors, alliances, and other third parties, and referring problems to appropriate department managers or administrators. Documentation

• Compile, deliver, and maintenance of security/compliance documentation for internal and external consumption.

• Additional responsibilities as assigned by management.

CERTIFICATION REQUIREMENTS

• Requires one of two industry recognized certification credentials: Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM)

• CEH: Certified Ethical Hacker

EXPERIENCE AND KNOWLEDGE REQUIREMENTS & EXPECTATIONS

• 10 or more years of experience in Information Security with minimum of 7 years leadership experience.

• Excellent coaching, management, technical, and analytical skills.

• Ability to plan, direct and control security programs and initiatives.

• Quick and effective assessment and judgment skills.

• Experience with Auth0 and AlertLogic a plus

• Able to work independently and consultatively to interpret and apply rules, regulations, policies and procedures.

• Demonstrate current knowledge of industry trends, standards and technologies.

• Excellent oral, written and communication skills is important in collaborating with colleagues and other teams across the organization.

• Ability to handle stress and work under pressure with professionalism.

• Ability to meet deadlines, self-motivated and self-managed.

• Ability to present to large groups and executive leadership

• Strong Technical Skillsets

• Competent with IDS/IPS systems operations

• Competent with Application and Infrastructure Scanning Systems

• Competent with Data Loss Prevention Products

• Competent with Internet Filtering Products

• Competent with Identity Management Solutions

• Competent with Security Log Management Solutions

• Capable of performing organization Information Systems Risk Assessment

• Capable of performing organization Attack and Penetration Testing

• Capable of coordinating Sarbanes Oxley Act Compliance Management

• Capable of coordinating Payment Card Industry Compliance Management

• Capable of coordinating Health Insurance Portability and Accountability Act Compliance Management

• Capable of coordinating Litigation Data Preservation Actions in accordance with the Federal Rules of Civil Procedure and associated rulings

• Capable of coordinating compliance actions associated with other compliance regulations Professionalism

• Professional competencies in computer engineering or related field of work

• Conscientious and efficient in meeting commitments, observing deadlines and achieving results

• Able to work independently with minimum supervision

• Capable of preparing reports and papers on technical issues

• Proven analytical skills to arrive at sound conclusions when dealing with complex issues

• Ability to contribute to the development of policies and to interpret procedures and guidelines Communication

• Excellent skills in communicating with people from different backgrounds and technical abilities

• Ability to communicate to Executive Leadership

• Ability to communicate complex technical items to non-technical individuals in a succinct and clear fashion Customer Orientation

• Skillful in identifying customer needs and establishing and maintaining effective relationships with internal and external stakeholders Decision-making

• Ability to make sound and timely decisions 

kravetz@sattel2.com

pnoetling@sattel2.com

Publica un trabajo como este
Denunciar empleo
Sobre el Anunciante
Military Advantage | Neuvoo
Estados Unidos