This Job Vacancy has Expired!

Information Security Director (remote)

The Royak Group Inc.

Posted on Oct 30, 2021 by The Royak Group Inc.

Not Specified, PR
IT
15 Nov 2021
$180k - $180k Annual
Full-Time

Description:

Responsible for the protection of the company's enterprise infrastructure and information assets through strong and effective security practices and proactive planning, management, and monitoring of networks, systems and applications. Establishes and administers the overall strategies and procedures for the information security function. Develops and implements information security in accordance with organizational information security standards. Evaluates information risk on a regular schedule and promotes information security awareness within the organization. Ensures that adequate and effective security processes and controls are followed and aligned to deliver compliance with security policy and regulatory requirements. Serves as a key point of contact and technical expert supporting the security program, establishing appropriate assessments, managing and tracking risk mitigation and remediation activities, and communicating security program results to Senior Management.

Duties & Responsibilities:

  • Provide coaching, mentoring, training and feedback to IT Information Security staff to aid in development of new skills and refinement of current skills
  • Manage all staff personnel issues including reviews, corrective discipline and counseling
  • Monitor and evolve information security processes and controls and perform and/or oversee periodic risk assessments to identify current and future internal and external security vulnerabilities
  • Ensure adequate and effective security controls are in place to meet current and future security compliance and regulatory requirements
  • Work effectively in partnership with the Enterprise Information Technology Team to ensure the timely review and deployment of secure infrastructure solutions for the company
  • Identify information security weaknesses and/or gaps in the current operations and work with other teams to bring information security operations up to standards
  • Participate in the design and planning functions of IT projects to ensure security is considered early and often by stakeholders
  • Provide hands-on technical expertise as needed
  • Establish and deliver meaningful and actionable security metrics and reports as prescribed by the CIO and the company's Internal Audit Function
  • Identify/recommend tools, processes, software, and hardware to improve or replace current security infrastructure practices, services, or technologies to meet future requirements
  • Manage and lead remediation efforts related to information security (e.g., from incidents, penetration tests, vulnerability scans, internal/external audits and assessments)
  • Understand business activities performed by the company and suggest appropriate information security solutions that adequately protect these activities
  • Promote security awareness across the enterprise via effective security education, training, and awareness programs
  • Define security requirements and audit systems to determine if they have been designed and established to comply with established standards

Qualifications:

  • In-depth knowledge of current security trends, threats and best practices
  • Extensive experience with firewall administration, web application security, penetration testing, intrusion detection systems, data encryption and other industry-standard techniques and practices
  • Experience with implementing, monitoring and maintaining security tools such as IDS/IPS, SIEM, malware protection, email security, data loss prevention, etc.
  • Solid understanding of information security principles, attack vectors and techniques
  • 8+ years of experience in Information Technology
  • 5+ years of experience in Information Security
  • 5+ years of managing or leading an Information Technology team
  • Bachelor's degree in Information Technology, Computer Science or related discipline (or an equivalent of education and experience)
  • Certificates relevant to Information Security are preferred (e.g., Security+, CISSP, GSEC)
  • Excellent interpersonal skills to effectively train and mentor junior level personnel
  • Knowledge of applicable practices and laws relating to data privacy and protection
  • Ability to build and maintain strong relationships across the enterprise
  • Ability to maintain confidentiality
  • Ability to communicate technical concepts to non-technical audiences
  • Strong organization, planning and prioritization skills
  • Strong written and verbal communication skills

Reference: 1383938667
