Senior Director Information Technology/IT Security
Posted on Apr 20, 2022 by Request Technology - Craig Johnson
*We are unable to sponsor for this permanent Full time role*
*Position is bonus eligible*
Prestigious Fortune 500 Company is currently seeking a Senior Director Information Technology that will function as Head of IT Security. Candidate will be responsible for ensuring that information technology security risks are properly identified and addressed within the enterprise. Candidate will establish policies and solutions that enforce security best-practices to maximize protection and resiliency. This senior leader will interact business and IT stakeholders to develop secure solutions that mitigate high-risk areas.
- Implementation of industry leading practices around cyber risks and security for on-prem and cloud solutions
- Designing and developing security policies, standards and procedures eg Firewall management, SSL/IPSec, security incident and event management (SIEM), data protection (DLP, encryption), user account management (SSO, SAML), and password/key management.
- Support security aspects of business & IT initiatives by assisting in architecture, design, implementation, deployment, and operational transition of innovative & secure technology solutions.
- Research, evaluate, design, test, recommend and plan the implementation of new or updated information security technologies.
- Play an advisory role in IT projects to assess security requirements and controls and to ensure that security controls are implemented as planned. Complete remediation activities and initiate actions to ensure that compliance and security gaps are successfully addressed.
- Evaluate security controls employed by technology services providers to ensure information assets are adequately protected.
10+ years' work experience in information security and/or related functions (such as IT Audit, Risk Management or Security Architecture).
During recent history, candidate must have demonstrated exceptional ability to assess and communicate information security concepts and practices, with both business and IT stakeholders.
Exposure or understanding of the following concepts, practices, and technologies: network security and perimeter security, Firewalls, IDS/IPS, SIEM, Workstation, mobile device, and network design standards.
Knowledge of and experience in developing and documenting security architecture and plans, including strategic, tactical and project.
Strong people skills, collaborative ability to work with IT stakeholders inside and outside of the organization, able to mentor team members with diverse backgrounds.
Ability to formulate network security architecture vision and translate vision into execution.
Thorough understanding of Information Security frameworks and good practices (eg CSA), and proven ability to strike a balance between an academic and pragmatic approach.
Experience with one or more major cloud technologies like AWS, Azure, or Google cloud.
Has participated in the design, implementation, and migration to a cloud environment.
Specially have working experience to the following cloud security concepts; identity and compliance related disciplines such as IAM, account management, storage policies, WAF, DDoS, compliance tools, key management, logging and monitoring, data protection, etc.
Strong analytical, problem solving, and critical thinking skills to drive efficiencies and continuous improvement
Strong verbal, written, and presentation skills demonstrating ability to effectively partner and negotiate with people at all levels within the organization as well as vendors and partners
Recent hands-on experience with an ITSM toolset (Remedy, ServiceNow, etc.)
Must be able to work independently, exercising sound judgment and initiative
Perform well under pressure and stressful situations
Bachelor's Degree in Computer Science or similar areas of study, or a directly related field with 8 or more years of work experience
CISSP certifications preferred