Director - Information Security
SUMMARY:
The Director - Information Security is a "CISO" type role. This is the role of a strategic leader responsible for establishing and maintaining the enterprise vision, strategy, and program to ensure information assets and technologies are adequately protected. This role will report directly to the CIO and will be responsible for directing staff in identifying, developing, implementing, and maintaining processes across the organization to reduce information and information technology (IT) risks, respond to incidents, establish appropriate standards and controls, manage security technologies, and direct the establishment and implementation of policies and procedures. Leads company's IT technological strategies in support of the company's mission and core objectives, providing leadership, vision, and management of IT Teams. Ensures the effective operation of all IT systems and functions. Accountable for the management, mentoring, and career development of the IT staff members.
PRIMARY RESPONSIBILITIES
Strategic Planning and Financial Oversight
- Develops and maintains a culture of security that emphasizes the enterprise-wide responsibility for ALL COMPANY employees.
- Develops and maintains a comprehensive cloud security strategy aligned with the organization's overall security objectives and the larger organizational cloud strategy.
- Assures the alignment of IT and business strategy with particular focus on thought leadership and innovation. Must be able to design and execute multi-year road maps in order to transform COMPANY environment and collaborate with COMPANY, SBR and copany entities for technological efficiencies.
- Develops strategic annual and long-term business plans and operational budgets for responsible IT areas.
- Tracks implementations to ensure financial and service targets are met according to timelines.
Leadership and Operations Management
- Creates a security strategy and roadmap to drive the organization towards a more secure future.
- Directs and manages IT Department activities and operations. Leads multiple teams of various levels of employees and consultants through the prioritization and implementation of project-related activities.
- Provides motivational career development and assessment of team members.
- Fosters and encourages a diverse, inclusive team.
Service Delivery and Stakeholder Management
- Drives the incident response plan for the organization enrolling leadership to follow a well-rehearsed plan when a cyber event occurs.
- Oversees and negotiates service level agreements with internal and external stakeholders.
- Tracks service delivery to ensure agreed targets and standards are met.
- Directs relationships with vendors and ensures that vendors meet COMPANY business objectives/objectives, SLAs, and deliverables in a timely manner and within budget guidelines.
- Interacts with major suppliers, overseeing RFPs, bids, contracts, and service agreements.
Project Planning and Resource Allocation
- Directs the design and implementation of security solutions that are secure, scalable, reliable, and cost-effective.
- Determines the value and ROI of every IT-related project. Prioritizes the scheduling and implementation of major IT projects to ensure the efficient utilization of resources.
- Identifies IT resources required to meet defined business objectives.
- Develops and defends opportunities for continuous creative improvement of processes and systems. Acts as a change agent for new technologies and processes in the COMPANY environment.
- Oversees the creation and maintenance of policies and procedures that protect the organization's computing infrastructure and data.
Policy Development and Implementation
- Collaborates with Legal and Government Relations/Compliance teams to ensure compliance with relevant laws, regulations, and policies.
- Advocates for changes in other departments' practices to ensure compliance with security policies.
- Directs the planning, production, and implementation of information and for COMPANY technology-related systems policies, procedures, and regulations.
QUALIFICATIONS
- Demonstrated senior-level IT management experience, adept at shaping and executing complex IT strategies.
- Executive presence in gaining consensus across all parties.
- Proven track record managing budgets ranging from $4 million to $10 million, showcasing financial acumen in IT operations.
- Proficiency in articulating intricate technical concepts to non-technical stakeholders in a clear concise manner.
- Proficient in leading multiple IT disciplines, including software development, technical support, and systems architecture, showcasing adept project management skills.
- In-depth understanding of computer systems, applications, operating systems, and robust knowledge of data security protocols. Ability to ensure all systems are secured at all times.
- Strong negotiation skills and a collaborative approach in dealings with third-party IT business partners.
- Critical Thinking and Decision-Making (proficiency: High): Advanced decision-making and problem-solving skills, essential for navigating complex IT landscapes and quickly addressing challenges.
EDUCATION/EXPERIENCE
- BA/BS in Information Technology, Business Development, or a related field required.
- Master's Degree Information Technology, Business Development, or related field preferred.
- 12-15+ years of relevant professional experience.
- 5-7+ years in a similar size company and with relevant achievements
IMPORTANT DETAILS
- This role does not support a work sponsorship therefore candidates MUST be eligible to work in the US and is not a C2C position
- Benefits and 401K are provided
- Hybrid Role - Remote work 2 days per week (after 90 days) [Wednesdays & Fridays]