Reports to : Associate Vice President of Finance & Chief Information Officer
The Director of Information Technology Security provides leadership in establishing policies, standards, and best practices in the following areas of information technology security: technology deployment,
identity management, privacy, disaster and emergency preparedness, including educational programming and response to security breaches and incidents to ensure adequate protection of the Company’s information assets. Responsible for identifying information security risks, improving information security awareness, assessing vendor security and developing information security solutions.
Duties and responsibilities :
Provide leadership, guidance and in developing, maintaining, and implementing IT security programs that address current and future business and security needs.
Develop a proactive information security program for information systems and collaborate with peers to ensure compliance across shared information systems.
Develop, maintain, and promote compliance with industry best practices and and Security Policies and Standards, including documentation, dissemination, and enforcement of
security-oriented business processes.
Conduct trainings such as information security awareness programs and incident response processes.
Working with Internal Audit and Legal Services, keep current with federal, state, and local information security laws and regulations.
Establish and implement compliance procedures, including incident response and management.
Participate in professional organizations to identify trends in information security and establish a strong contributor to local, regional, and national dialogues on information security
Provide trusted information security alerts and updates
Perform detailed risk assessments and analyses for new/revised products, services and projects, including recommendations for addressing the associated risks, threats and
Lead the IT Security Committee
Identify, promote and manage projects and initiatives to implement or optimize critical information security controls and services; recommend priorities for budget consideration.
Monitor, identify, investigate, track and report all information security violations, including leading the incident response process.
Manage, maintain, update, and coordinate the Business Continuity Program,
Primary contact with in-house staff regarding information security related issues and requests.
REQUIRED SKILLS AND ABILITIES;
Minimum of 5-7 years of direct experience working with IT information security.
5-7 years of experience performing risk assessments preferred.
5-7 years of experience with disaster recovery and business continuity planning preferred.
Strong analytical, problem-solving and interpersonal skills.
Highly self-sufficient, detail-oriented, and possess superior organizational and time management
Strong oral and written communication skills.
Ability to interact within all levels of management.
Ability to relate complex concepts in a user-friendly manner.
Key Partners is an established staffing and training organization that has been in business for over 30 years. Our services include direct...