Director Of Information Security

Tailor Your Resume for this Job

Job Overview
The Director of Information Security will report to the CISO, and be responsible for establishing information security operations standards and policies. The DIS will recommend Information Security investments which mitigate cyber and insider risks, strengthen defenses, and reduce vulnerabilities for development, internal and client facing systems and products. In this role, the DIS must be able to not only define a strategic vision, but must also be able to implement and execute against it. The DIS is responsible for design, implementation, and maintenance of controls and procedures to ensure the integrity and security for all computer-based systems and networks across all technical platforms. In addition, the DIS will oversee the Access Management onboarding and offboarding functions. The DIS will be responsible for Security Operations Center (SOC) functions including, but not limited to system monitoring, vulnerability analysis, and incident response. The DIS will work closely with other business groups and stakeholders, including Legal, Compliance, Audit and Risk ensuring the protection of information and assets including data, systems, databases, networks, and other resources.

Responsibilities

• · Develop, implement and monitor a strategic, comprehensive enterprise information security operations program.

· Leverage information security experts and technology to support a secure infrastructure, secure applications, and overall data security.

· Ensure compliance with organizational security policies and standards; proactively work with business units to implement practices that meet defined policies and standards for information security.

· Create content to be included in company security awareness training programs.

· Provide subject matter expertise to executive management on a broad range of information security standards, best practices, and compliance requirements.

· Work with developers and architects to ensure security is built into the development cycle.

· Coordinate the performance of internal and external network and systems vulnerability assessments and penetration tests.

· Coordinate organizational efforts in response to security events.

· Coordinate use of external resources involved in the information security program including negotiating.

· Develop business-relevant metrics to measure the efficiency and effectiveness of security operations, facilitate appropriate resource allocation, and increase the maturity of security operations.

· Provide oversight and accountability of the day-to-day security operations and/or other administrative areas.

· Develop and maintain the security function of maintaining security access to corporate communication and computing systems including all onboarding and off boarding functions

· Oversee on-going security monitoring of organization information.

· Assess information security risk as well as conduct functionality and gap analyses to determine the extent to which key business areas and infrastructure comply with statutory and regulatory requirements.

Skills

• · 7+ years of experience in the information security field and 5+ years of leadership in an information security role

· 5+ years managing a security operation in premise-based, cloud, and hybrid infrastructures

· 5+ years managing identity and privileged access management systems

· BA/BS required, MS in Information Security or other relevant post-graduate degree a plus

· Experience with Financial industry compliance regulations

· CISSP or CISM, CEH, CHFI certifications preferred

· NIST, PCI-DSS, and SOC2 compliance experience required

· Experience in developing an entrepreneurial organization is significant advantage

· Proven experience with current information security technologies

· Demonstrated understanding of technological developments in the areas of information security

· Ability to drive execution of aggressive goals through effective planning, prioritization, resource management and follow through

· Proven track record of building influential relationships with internal customers; ability to influence across departmental lines without direct authority

· Ability to think strategically and identify and understand business needs and translate into strategic direction, plans and solutions

· Experience working with business process reengineering and IT solutioning; experience working on project teams bringing together both business & technology. Capable of explaining technical concepts to a non-technical audience

· Superior verbal and written communication skills, including ability to tailor communications based on audience

· Experience leading people with demonstrated ability to attract, develop, motivate and retain talent

· Proficiency in interpreting financial results and business data to identify opportunities and risks

Join us in this critical role where you will have the opportunity to shape our information security landscape while protecting our organization from evolving cyber threats.

Supervisory Responsibility

Supervisory Experience Required.

Job Type: Full-time

Pay: $129,859.00 - $143,126.00 per year

Schedule:

• 8 hour shift
• Monday to Friday

Ability to Commute:

• Spartanburg, SC 29302 (Required)

Ability to Relocate:

• Spartanburg, SC 29302: Relocate before starting work (Required)

Work Location: In person