Director IT Security

The Director of Information Security is responsible for designing, creating, implementing, and overseeing strategies and programs to mitigate information security risks across the company. This role involves leading the enterprise-wide information security and assurance function, ensuring that the confidentiality, integrity, and availability of information systems and assets are appropriately identified and managed. The Director will establish and implement strategies that have a short to mid-term impact (1-3 years) on business results, aligning with the organization's strategic objectives.

• Manage, lead, and motivate the team to deliver results by communicating goals and deadlines. Engage and develop teammates through effective performance management, coaching, and training. Implement continuous improvement methods.
• Provide strategic leadership while interacting with business leaders (including Legal and other business leaders) to ensure that Information Security programs address business needs for protection and proactively identify threats. Stay current with the latest cybersecurity trends, threats, and technologies.
• Develop, implement, and operate relevant strategies to protect, detect, and respond to cyber threats within the enterprise.
• Maintain an effective information security awareness training program, a broad threat protection portfolio, intrusion detection capability, and incident response processes for proactive reaction to information security breaches.
• Develop and implement information security standards, processes, procedures, and guidelines for the enterprise.
• Manage data outputs of security monitoring tools and proactively drive appropriate security measures to protect the enterprise and end users.
• Serve as a subject matter advisor and point of escalation, becoming actively involved as required to meet schedules and resolve highly complex security problems.
• Proactively manage issues, including timely resolution and identification of remediation opportunities. Identify and resolve systemic issues to prevent recurrence.
• Work with system administrators and application developers to audit, monitor, and validate their environment's security, including conducting gap analysis and other comprehensive internal assessments of existing systems to improve the security infrastructure and mitigate risks.
• Have direct responsibility for PCI security deliverables.
• Establish, document, and distribute security incident response and escalation procedures to ensure timely and effective handling of all situations.

• 8+ years of experience managing cybersecurity and the technical execution of a cybersecurity program, including the utilization of Security Information and Event Management (SIEM), Security Orchestration and Automated Response (SOAR), eDiscovery, Forensics, and Active Directory.
• 8+ years of experience supporting and managing international IT/IS teams in the cybersecurity field.
• Proven track record and experience in developing information security programs, policies, and procedures, including successful implementations in large enterprise environments.
• Preferred experience with Payment Card Industry (PCI), Personally Identifiable Information (PII), COBIT/ISO.
• CISSP certification is preferred.