Full-time
Director of Information Security

 




Non-Profit Organization


New York City


 


This organization has a significant online presence across its digital and enterprise systems and must ensure its safe operation. As part of the newly formed security team, you will play a significant role in protecting our presence against active and persistent online threats. You will also be involved in driving the creation and development of our best practices.


Reporting to the Chief Technical Officer, the Director of Information Security will support the design and development of information security programs to serve the needs of the organization.


 


He/she will:


  • Provide leadership and support across the life cycle of new and ongoing projects

  • Help design, implement, and operate information security best practices and processes

  • Provide guidance and support in the selection of security technology solutions

  • Lead the implementation of information security programs, to include identity management, network/endpoint/data protection, threat and vulnerability management, security software development, security monitoring and incident response, insider threat, and security awareness

     

DUTIES AND RESPONSIBILITIES


  • Build, hire, and mentor a small information security team (three to five direct reports)

  • Understand existing processes and controls with respect to information technology and security

  • Coordinate with security specialists, network engineers, system engineers and web application engineers to determine security risk issues

  • Manage third party IT relationships, including managing security services as required

  • Develop IT security risk metrics wherever possible and identify issues that put the organization or its related entities at risk

  • Maintain documentation surrounding the dynamic IT environment and security risk analyses

  • Manage IT projects developing network and security architectures as related to identity management, access privileges, delegated administration models, workflow and access control models

  • Understand current regulatory environment and related implications to compliance


  • Assist in developing standards, policies and procedures to enable a productive IT environment

  • Review incoming IT project proposals for risk, architectural impact, strategic alignment and impact

  • Drive the evaluation of solutions and the selection of technologies, and enact strategic decisions based on established standards and existing architecture

  • Support and shepherd the IT organization’s Guiding Principles that state that, whenever possible, our solutions will be:

    • Web-based

    • Integrated, scalable, standardized, enterprise-grade and well-supported

    • Digital first, mobile first

    • Driven and supported by well documented business requirements

    • User-centric, client-driven, and customer-service oriented

    • Bought rather than built

    • An enabler of data-driven decision making

       


PERSONAL QUALITIES / OTHER ATTRIBUTES


The Director of Information Security will demonstrate the following:

  • Collaborative work style; able to facilitate amongst diverse communities and individuals; can inspire top performance in others; willingness to pitch in/jump in


  • Comfortable in ambiguity; able to create clarity and understanding

  • Experienced in getting to “yes” in a collaborative, consensus-driven style

  • Enjoys operating in a fast-paced and demanding environment; a nimble and flexible style

  • A direct and open style; creative, out-of-the-box thinker who can translate concepts and ideas to a broader audience

  • A smart and confident leader with clear and informed opinions who has experience leading teams while being able to prioritize and manage conflicting priorities for self and others

  • Deep appreciation for the mission of the organization

  • Diplomatic style and high emotional intelligence

  • Integrity, independent thinking, and personal courage


REQUIREMENTS/TECHNICAL EXPERTISE


 


  • Bachelor’s degree required; Master’s in relevant field preferred

  • Preference given to SANS and/or GIAC certification; at least one IT security certification (CISA, CISM, CISSP, OSCP, OSCE)


  • At least seven years of experience in information security

  • Creative, out-of-the-box thinker

  • Self-motivated, able to work successfully as an individual contributor or as a team member

  • Organized with attention to detail; proven ability to conceptualize, plan and execute ideas while providing training and skills transfer to others

  • Previous experience with at least one of the following information security frameworks: HIPAA, NIST, ISO 27001, PCI, SANS 20


 


TRAVEL


 


  • Minimal


 


DIVERSE CANDIDATES ARE ENCOURAGED TO APPLY


This is an equal employment opportunity employer and is committed to maintaining a non-discriminatory work environment, and does not discriminate against any employee or applicant for employment on the basis of race, color, religion, sex, national origin, age, disability, veteran status, marital status, sexual orientation, gender identity, or any other characteristic protected by applicable law. The organization is committed to creating a dynamic work environment that values diversity and inclusion, respect and integrity, customer focus, and innovation. 


Interested individuals should email a resume, cover letter and compensation information to Glenn Bass: gbass@siplacement.com.


 


 

 
