Sr. Director, Information Security
Sorry, this job was removed at 11:29 a.m. (MST) on Monday, November 11, 2019
By clicking Apply Now you agree to share your profile information with the hiring company.
Senior Director, Information Security
ESSENTIAL RESPONSIBILITIES AND DUTIES
Implementing and directing the Information Security Program:
- Develop and implement information security strategies, policies, and standards across all applications, systems, and lines of business
- Implement and direct security awareness programs including customized communications where appropriate
- Support compliance with laws, regulations, industry standards (e.g., HIPAA, PCI)
- Assist Legal with customer and vendor contractual negotiations related to security and data privacy obligations
- Develop and implement secure software development lifecycle policies/procedures
- Develop and implement computer security incident response and computer forensic investigations plans
- Conduct research on new security technologies through vendor and strategic partner engagements
- Develop and implement environmental and physical security policies/procedures
- Oversee disaster recovery and business continuity planning and standards
KNOWLEDGE/ SKILLS/ ABILITIES
- Experience in the technology industry
- Strong experience in information security program development
- Working knowledge of security & risk assessment methodologies and mitigation strategies using industry standards (e.g., COBIT, ISO 27001/2, and NIST 800-53)
- Working knowledge of federal and state data protection laws (e.g., GLBA, HIPAA, PCI-DSS, State Breach Notification Laws, FCRA, GDPR, etc.)
- Strong leadership and interpersonal skills; ability to work with all levels of internal staff, customers, and prospective customers
- Strong project management, planning, and budgeting skills
- Excellent written and verbal communication skills; strong presentation skills
- Proficient in Microsoft Office (Excel, Word, PowerPoint, Outlook, and Project)
- Highly detail-oriented
- Ability to work on multiple projects and deliverables simultaneously
- Ability to handle confidential customer and company information
- Self-starter with ability to work with minimal supervision
- Possesses a strong sense of urgency and ownership over projects and deliverables
QUALIFICATIONS
- MUST HAVE: Proven experience in managing information security programs and strategies in a software-related technology company
- OVERALL EXPERIENCE: At least 10 years of direct experience in information security, information systems, IT audit, or IT risk management. At least 7 years of experience in management or leading cross-functional teams
- EDUCATION: Bachelor's degree in Information Security, Information Technology, Business, or related field required; MS or MBA preferred
- CERTIFICATIONS: Certified as a CISSP, CISM, or C-CISO preferred
Read Full Job Description