• Job Description

  Req#: 29090
  Overview
  
  
  The Director of Information Security willlead our enterprise-wide information security program. This role is responsible for developing and implementing robust security strategies, managing risk, ensuring regulatory compliance, and fostering a culture of security awareness across the organization. The ideal candidate will bring deep technical expertise, strong leadership capabilities, and a proactive approach to managing evolving cybersecurity threats.
  
  Responsibilities
  
  
  Leadership and Strategy
  • Direct and lead the information security team, establishing and implementing enterprise-wide security strategies and procedures.
  • Mentor and develop team members, promoting a culture of continuous improvement, accountability, and innovation.
  • Serve as a trusted advisor to business units, providing guidance on security risks and mitigation strategies.
  • Align security initiatives with business goals and risk tolerance.
  Operational Management
  • Conduct and oversee comprehensive risk assessments, audits, and vulnerability analyses across the organization.
  • Develop, implement, and enforce security policies, standards, and procedures aligned with frameworks such as NIST, ISO 27001, and CISA.
  • Ensure compliance with data protection laws and industry regulations including GDPR, HIPAA, SOX, and PCI DSS.
  • Provide regular reports and updates to executive leadership on the status of the information security program and emerging threats.
  • Maintain strong collaboration with Development, Infrastructure, and Network teams, as well as business units, to ensure alignment and integration of security objectives.
  • Lead the response to security incidents, ensuring timely investigation, containment, and resolution. Maintain and test incident response plans.
  • Stay current on evolving cybersecurity threats, technologies, and best practices.
  
  Qualifications
  
  
  • Bachelor’s degree in Information Security, Computer Science, or a related field; Master’s degree preferred.
  • Minimum of 10 years of experience in information security, with at least 5 years in a leadership role.
  • Strong knowledge of cybersecurity frameworks and standards (e.g., ISO 27001, NIST, CIS).
  • Proven experience in risk management, incident response, and regulatory compliance.
  • Relevant certifications such as CISSP, CISM, or CISA are highly desirable.
  • Deep technical expertise in areas such as network security, application security, and cloud security.
  • Proficiency in security tools and platforms including SIEM, vulnerability management, and endpoint protection.
  • Excellent communication and interpersonal skills, with the ability to engage and influence stakeholders at all levels.
  • Strong analytical and problem-solving skills with the ability to manage multiple priorities in a fast-paced environment.
  • Experience in developing and managing budgets for security initiatives.
  • Awareness of emerging cybersecurity threats, threat intelligence, and threat hunting techniques.
  #li-EG1
  
  
  • Bachelor’s degree in Information Security, Computer Science, or a related field; Master’s degree preferred.
  • Minimum of 10 years of experience in information security, with at least 5 years in a leadership role.
  • Strong knowledge of cybersecurity frameworks and standards (e.g., ISO 27001, NIST, CIS).
  • Proven experience in risk management, incident response, and regulatory compliance.
  • Relevant certifications such as CISSP, CISM, or CISA are highly desirable.
  • Deep technical expertise in areas such as network security, application security, and cloud security.
  • Proficiency in security tools and platforms including SIEM, vulnerability management, and endpoint protection.
  • Excellent communication and interpersonal skills, with the ability to engage and influence stakeholders at all levels.
  • Strong analytical and problem-solving skills with the ability to manage multiple priorities in a fast-paced environment.
  • Experience in developing and managing budgets for security initiatives.
  • Awareness of emerging cybersecurity threats, threat intelligence, and threat hunting techniques.
  #li-EG1
  
  
  Leadership and Strategy
  • Direct and lead the information security team, establishing and implementing enterprise-wide security strategies and procedures.
  • Mentor and develop team members, promoting a culture of continuous improvement, accountability, and innovation.
  • Serve as a trusted advisor to business units, providing guidance on security risks and mitigation strategies.
  • Align security initiatives with business goals and risk tolerance.
  Operational Management
  • Conduct and oversee comprehensive risk assessments, audits, and vulnerability analyses across the organization.
  • Develop, implement, and enforce security policies, standards, and procedures aligned with frameworks such as NIST, ISO 27001, and CISA.
  • Ensure compliance with data protection laws and industry regulations including GDPR, HIPAA, SOX, and PCI DSS.
  • Provide regular reports and updates to executive leadership on the status of the information security program and emerging threats.
  • Maintain strong collaboration with Development, Infrastructure, and Network teams, as well as business units, to ensure alignment and integration of security objectives.
  • Lead the response to security incidents, ensuring timely investigation, containment, and resolution. Maintain and test incident response plans.
  • Stay current on evolving cybersecurity threats, technologies, and best practices.

• About the company

Notice