Head of Information Security

What You’ll Do:

Reporting to the CIO, this position is responsible for the end-to-end ownership of our information security program
Develop, implement, and monitor a strategic, comprehensive enterprise and application IT cybersecurity program.
Drive security standards across the organization, including information security policies, procedures, and guidelines.
Create and maintain a security awareness training program.
Analyze and test systems and processes to understand vulnerabilities to cyber threats.
Partner with security experts to ensure all technology platforms meets all security requirements and continues to evolve over time to meet changing needs and best practices
Continuously and measurably improves technology and data security.
Provides strategic and tactical vision, along with execution focused on incident prevention, detection, and response.
Identifies, tracks, and communicates detailed metrics indicating overall security risk factors.
Ensures organization’s capability to analyze and mitigate security threats.
Work with team members and developers on the design and development of threat deterrence and defense technologies and risk mitigation infrastructure.
Implements an incident response program to identify and respond if any breaches (internal or external) or misuse of data takes place.
Conduct research to understand emerging threats and develop innovative risk management approaches, tools, and analytics to better manage risk.
Briefs CIO and other executives regularly on current cybersecurity threats and challenges, and the status of the information security management system.
Coordinate with executive leadership on third-party security risk assessments.
Lead the periodic internal risk assessment. Document its findings and develop recommendations to address deficiencies.
Identify areas where automation and machine learning can improve the team’s scalability.
Own the Information Security annual budget and operate within the budget.
Provide leadership, supervision, coaching and guidance across the team in achievement of organizational and departmental goals.
Partner with IT leadership, business unit leaders and service providers to provide strategic solutions and operational efficiencies.

About You:

Proven ability to work effectively in independent settings as well as in a larger group in team settings
Ability to interact with people at all levels of the organization, prioritize and handle multiple competing demands in a high-volume, fast-paced work environment
Must have outstanding organizations and time-management skills, possess the ability to exercise practical judgment, and be a highly motivated self-starter
Exhibits superior verbal and written communication skills, attention to detail, and ability to multitask
Able to resolve or escalate issues in a timely manner

What You’ll Need:

5 or more years of IT implementation experience
Experience in cloud only or cloud first infrastructure
Certified Information Systems Security Professional (CISSP) or similar (CISA, CISM, etc)
Experience deploying cloud information security solutions
Firm understanding and ability to implement zero trust security
Firm understanding and experience with Software Defined Networking and Cloud Networking
Firm understanding of single sign on and multi factor authentication platforms
Experience driving discussions with senior personnel regarding trade-offs, best practices, project management and risk mitigation
Firm understand of work from anywhere models.
Experience with IT compliance and risk management requirements