The Director of Information Technology (IT) Security will be responsible for developing, implementing, and monitoring strategic, comprehensive enterprise cybersecurity and IT risk management program. The Director, IT Security, will provide the vision and leadership necessary to manage the company’s risk and ensure business alignment, effective governance, system and product availability, integrity, and confidentiality. This position reports to the Chief Information Officer.
The Director of Information (IT) Security will:
- Provides the direction for company data and cybersecurity protection and oversees Technology governance and policies.
- Develops security strategy, security awareness programs, security architecture, and security incident response.
- Provides strategic risk guidance for IT projects, including evaluation and recommendation of technical controls.
- Educates IT and other leaders on appropriate security risk and mitigation strategies.
- Develops, maintains, and publishes up-to-date security policies, standards, and guidelines.
- Oversees training and dissemination of security policies and practices.
- Evaluates new cybersecurity threats and IT trends and develop effective security controls. Oversees development of security awareness programs.
- Develops and oversees effective disaster recovery policies and standards to align with company business continuity management program goals. Coordinates development of implementation plans and procedures to ensure business critical services are recovered in the event of disasters or other incidents and provide direction, support, and in-house consulting in these areas.
- Evaluates potential security breaches, coordinates response, and recommend corrective actions.
- Supervise staff as assigned in the performance of the job duties.
- Define and report on information security metrics.
- Provides project management and leadership to staff and external resources to support established goals and objectives, improved efficiencies, and problem resolution.
- Maintains current knowledge of the industry and regulatory trends and developments for enterprise technology.
The Director of Information (IT) Security must have:
- Bachelor’s degree in computer science, engineering, or other technical disciplines.
- Professional certifications are strongly preferred (e.g., CISM, CISSP, or similar).
- Strong knowledge and 7+ years of experience managing and/or directing IT security functions, programs, and operations.
- Proven experience in planning, organizing, and developing IT security and facility security system technologies.
- Experience in designing, planning, and implementing security policies, procedures, and standards.
- Excellent knowledge of technology environments ranging from on-premise, cloud (IaaS, PaaS, SaaS) in a global setting. Substantial exposure to data processing, hardware platforms, enterprise software applications, and outsourced systems.
- Demonstrated ability to apply IT in solving security problems.