Director of Information Security

Director of Information Security

Security

  • Post Date: July 27, 2019
  • Apply Before: January 23, 2020
Job Description
One of the world’s leading travel companies is looking for a dynamic Director of Information Security to join their talented tech team. This position is integral to ensuring that the company is compliant with all laws (state and federal), policies, and directives. The Director of Information Security will also include establishing all information security plans and managing operations processes for monitoring and sustaining information security. This position will also stay aware of all current and developing information security regulations, threats, and technologies.
 
What you’ll do in this position:
 
  • Recognize, assess, and report all information regarding security practices, risks, and projects to the Board of Directors and Management Team
  • Create a multi-year security strategy that adequately protects our company’s assets
  • Be the expert on all security and privacy standards as well as best practices (PCI, SOX, HIPPA, etc.)
  • Spearhead the development of all current information security policies, standards, guidelines, and procedures; monitor their approval and maintenance
  • Make sure that the information security management program is compliant with applicable laws, regulations, and contracts (as needed)
  • Monitor the assessment, selection, and application of effective and efficient information security solutions 
  • Collaborate with infrastructure, application, and architect teams to make sure technologies are both developed and maintained per security policy
  • Actively manager intrusion detection and vulnerability evaluations, both internal and external IT audit reviews, and coordinate the necessary fixes
  • Design metrics and dashboards to measure the effectiveness of the security management program as well as increase the maturity of the program over time
  • Monitor the industry and external environment to identify any threats and advise appropriate courses of action
  • Work with law enforcement and other appropriate parties when needed to ensure the company’s security measures
  • Design and execute a  thorough incident response plan; monitor the investigation of any and all security breaches and any associated disciplinary actions, PR, and legal matters.
 
Skills you’ll need for this position
 
  • A Bachelor’s degree in engineering, computer science, or a related field. Graduate degree preferred
  • No less than 10 years’ IT and/or business leadership experience
  • 5 or more years’ experience with information security/cybersecurity
  • Very advanced knowledge of information security systems architecture, information security technologies, integration of systems, networking, and system design
  • Proven experience with development and successful implementation of various security policies and procedures
  • Ability to effectively communicate security and risk-related concepts to technical and non-technical audiences
  • Ability to inspire and motivate cross-functional teams to achieve goals
  • Phenomenal problem solving and leadership skills
  • Excellent written and verbal communication skills
  • Experience with vendor and contract negotiations
  • Knowledge of various security, risk and control frameworks
  • Familiarity with cloud, SaaS, and IoT architectures (and their implications for internet security)
  • Professional Certifications (e.g. CISSM, CISA, CISM)

escort konya escort eskişehir escort izmit escort bursa escort halkalı