The Vice President of Information Security reports to the Chief Information Officer. Responsibilities include:
• Develop and implement the Information Security Program operating plan supporting the CIO's vision and strategy for enterprise-wide Information Security Risk Management.
• Continually partner with company leaders and industry best practice consortiums to incorporate new regulatory mandate security controls into the existing Information Security Program.
• Continually evaluate vendor and partner security service level contracts, maintenance and staffing to ensure the balancing of effective Information Security control requirements.
• Work with senior IT, business management, and the IT PMO in supporting business goals, researching and assessing information security program needs.
• Ensure the business needs analysis aligns with overall Information Security Program goals, priorities and regulatory mandates such as PCI and Mass Data Security Law.
• Prepare, evaluate and present security solutions aligning with the Information Security Program to senior management.
• Identify recommendations for business engagement opportunities and improvements to ensure compliance, data integrity & protection and privacy goals meet our Information Security Program goals, priorities and requirements.
• Responsible for defining new requirements based on business strategy plans, regulatory requirements and industry essential practices for security and privacy.
• Participate in all aspects of budget planning for the Information Security Office.
• Lead all aspects of vendor and application security risk management.
• Develop and implement on-going training, awareness and communications program for enterprise Information Security Program risk management to all associates and leaders.
• Lead implementation of Information Security Strategies and operating plans including multi-year roadmap.
• Must be able to articulate and gain consensus on program objectives/plans at all levels of the company.
• Work collaboratively with peers, key stakeholders and partners to recommend solutions for financial savings without impacting Information Security Program maturity.
• Assist CIO in the management of financial plans and budgets relating to information security.
• Recommend improvement opportunities to leadership to achieve goals and objectives and support cost effective business solutions for privacy and security.
• Provide regular communication to senior-level stakeholders on the Information Security Program, including related key risk indicators, defined business metrics, and high-risk exposure.
• Evaluate current business processes and identify and evaluate gaps with industry benchmarks and current trends. Develop, deliver (written and verbal), and reach agreement on high-level recommendations and the strategy for implementing proposed business/system changes that address key risk indicators.
Must have experience with enterprise Information Security and best practices.
• Analytical, problem resolution, and risk management skills in a business and technical environment
• Excellent interpersonal, communication, and negotiation skills. Able to build and foster collaborative relationships at executive, senior management, and peer levels within and outside of IT
• 7-10 years technical experience with security technologies to include, but not limited to, Cisco Security Appliances, Cisco routers and switches, Checkpoint Firewalls, Websense Web Filtering.
• Ability to influence, negotiate and manage cross-functional objectives with system vendors, customers, corporate partners and peers
• Strong business interfacing and presentation skills. Able to grasp business concepts quickly, formulate and recommend options for solution delivery, and negotiate and obtain buy-in and build consensus from senior leaders on IT-recommended solutions
• Able to visualize and drive integration across locations, functions and projects.
• Must possess technical leadership and soft skills required to communicate at all levels of leadership and associates throughout the organization.
• Must be a strong leader that can provide clear direction, but must also work well in a team environment.
• 5-7 years of experience in Information Security focusing on the financial, business and technology components of delivering a security program
• Ability to review technical SOWs/SPAs
• 7-10 years technical experience with security technologies to include, but not limited to, Network and Security Appliances from various vendors, including but not limited to routers, switches, firewalls, URL Filters, Intrusion Prevention Systems, Anti-Malware and Anti-Spam technologies.
• Demonstrated ability to coordinate complex projects involving multiple organizational units, systems and/or technical components.
• Strong working knowledge of PCI, NIST, ISO 27002, COBIT, ITIL and Information Security Best Practices.
• Bachelor's degree or related field or requisite job experience.
• Strong working knowledge of external 3rd party certifications and audits.
• Previous experience in security audits such as PCI, HIPAA, etc.
• Previous experience in security operations, managing security administrators and engineers.
Suddenlink - 16 months ago
Cequel Communications, which operates through subsidiary Suddenlink, provides cable TV, high-speed Internet access, and phone...