Director of IT Security & Compliance / Information Security Officer (ISO)
Our client is looking for a Director of IT Security & Compliance/Information Security Officer (ISO) to join their team! In this role, you will define and execute IT and data security strategies to enhance reliability and security of IT systems, projects, and underlying data to ensure that information assets are protected. This will include development and implementation of security standards, policies and procedures, awareness and training plan, and overall information security framework.
- Lead in investigation, remediation, and documentation of security breaches and cyberattacks
- Initiate the appropriate actions to protect information assets, including disciplinary and legal matters
- Oversee the planning and execution of vulnerability scans, penetration testing and cybersecurity forensic activities for IT audits and incident responses
- Determine acceptable levels of risk with executive management, and provide risk assessments and executive summaries
- Partner with legal, audit, and Human Resources management on litigation requirements
- Liaise with internal/external entities for electronic collection, analysis, and audits
- Work with third-party consultants, stakeholders, vendors, and solutions providers on security implementations
- Serve as ISO liaison on various committees
- Manage data loss prevention systems and coordinate implementation plans, security product purchase proposals, and project schedules
- Oversee log management review activities and the distribution of SSL and encryption keys
- Perform final review and approval of firewall modifications and weekly vulnerability scans on systems
- Review procurements and contracts to ensure integration of proper security language
- Ensure compliance with disaster recovery and business continuity planning through annual review and update
What Gets You the Job?
- 10+ years’ hands-on experience in managing, designing, implementing and/or auditing information technology security programs
- Bachelor’s Degree in Business Administration or a technology-related field
- Certified Information Systems Auditor and/or Certified Information Systems Security Professional
- Proficient with information security management frameworks such as ICSUAM Section 8000, ISO/IEC 27001, and NIST
- Experience with Palo Alto Prisma Cloud Security and Cortex Endpoint Security, Dell SecureWorks, Acunetix, Cloudlock, BitGlass, Qualys, EnCase, Paraben
- Ability to identify and interpret state and federal laws, company guidelines, and executive orders concerning procedures (i.e., GDPR and CCPA security policies) and data (i.e., handling, access, storage, disposal)
- Familiarity with network security policies and best practices for security network topologies
- Expertise in information investigation and litigation process
- Excellent communication skills (written and verbal) including technical documentation, reports, etc.
- Strong prioritization and time management skills
Send us your resume today!
We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.