Director, Information Security
Director, Information Security
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
$ 190000 - 200000
1 Vacancy
Job Description
Summary:
The Director of Information Security is responsible for developing implementing and monitoring a strategic comprehensive enterprise cyber security and IT risk management program. The Director of Information Security provides the vision and leadership necessary to manage the risk to the organization and will ensure business alignment effective governance system and product availability integrity and confidentiality. The Director of Information Security is an integral part of the Information Security team supporting our customers.
Duties and Responsibilities:
Conduct a thorough assessment of the companys security needs priorities and opportunities in order to visualize create and execute on an information security program
Design and develop an information security roadmap to align and scale with company growth
Lead security assessment and testing processes including but not limited to penetration testing vulnerability management and secure software development at a global level
Plan for and manage incident response plans while minimizing effect on the business
Develop and extend security tooling and automation efforts across the organization
Proactively identify security issues and potential threats and continuously build processes and design systems to watch for and protect against them
Lead compliance activities including external audits regulatory compliance projects and overall information security reviews
Educate the organization about these threats and implement threat protection measures
Serve as cross-functional leader and provide direction to key accountable stakeholders in a matrix environment with dotted-line reports imbedded within the business
Serve as the information security expert in front of the Executive team
Advocate for secure application and infrastructure best practices ensuring a security presence at all stages of the software development lifecycle
Manage relationships with external information security technology vendors and specialized information security professional services firms
Attract develop and retain a highly talented team as the information security program grows
Skills:
Experience developing maintaining and implementing an Information Security Program (ISP) including policy and strategy development preferably in higher education.
Experience addressing information security-related issues involving identity and access management intrusion detection forensics incident management risk management and/or auditing.
Experience evaluating and providing guidance on information security software and hardware acquisitions IT services cloud-based solutions and mobility
Knowledge of security assessment and testing tools.
Experience with developing and managing an information security awareness and training program.
Experience with information security and compliance-related issues (e.g. FERPA HIPAA PCI-DSS GLBA copyright and software piracy).
Experience in managing and negotiating vendor contracts and agreements.
Ability to communicate effectively in writing and oral presentations.
Strong business acumen and a collaborative influential partner able to educate build relationships and foster adoption of sound security practices (commitment compliance).
Expert experience with cloud security platforms and services including understanding of current security offerings from leading cloud service providers (e.g. AWS Azure etc.) and their applicability to securing a SaaS enterprise security environment.
Experience in the evaluation and implementation of industry standard enterprise-wide information security technologies and concepts including but not limited to: SEIM Application Security Cloud Security (AWS) Data Loss Prevention Security Event Management Threat and Vulnerability Management and Identity and Access Management.
Clear understanding of relevant information security governance technical and security standards and regulations Familiarity with industry security standards and compliances including OWASP FedRAMP AICPA SOC NISTISO 27001 CMMC and ISO 27018 as well as current data privacy regulations including GDPR and regional standards. Deep knowledge of networking and network security.
Strong understanding and experience with Secure SDLC and DevSecOps or security automation Ability to work under pressure across multiple stakeholders.
Excellent written and communication skills and ability to communicate across all levels of an organization.
Education & Experience Requirements:
Experience:
8 years of relevant experience in the information security space.
4 years of progressively responsible management and/or leadership experience in information security or network administration which includes two years of supervisory experience. Experience with an institution of higher education is preferred.
Certifications:
Professional certification or equivalent in information security preferably in CISSP (Certified Information Systems Security Professional) CISM/A (Certified Information Security Manager/Auditor) CompTIA Security Certified Ethical Hacker or CCSP (Certified Cloud Security Professional) Certified Intrusion Analyst (GCIA).
Preferred Experience Requirements:
Education:
Bachelors Degree
Experience:
Experience with an institution of higher education
All submissions should include a cover letter and resume.
The University of Maryland Global Campus (UMGC) is an equal opportunity employer and complies with all applicable federal and state laws regarding nondiscrimination. UMGC is committed to a policy of equal opportunity for all persons and does not discriminate on the basis of race color national origin age marital status sex sexual orientation gender identity gender expression disability religion ancestry political affiliation or veteran status in employment educational programs and activities and admissions.
Workplace Accommodations:
The University of Maryland Global Campus Global Campus (UMGC) is committed to creating and maintaining a welcoming and inclusive working environment for people of all abilities. UMGC is dedicated to the principle that no qualified individual with a disability shall based on disability be excluded from participation in or be denied the benefits of the services programs or activities of the University or be subjected to discrimination. For information about UMGCs Reasonable Workplace Accommodation Policy or to request an accommodation applicants/candidates can contact Employee Accommodations via email at.
Benefits Package Highlights:
- Generous Time Off:Enjoy 22 days of paid vacation 15 days of sick leave 3 personal days and 15 paid holidays (16 during general election years). For part-time employees time off rates will be prorated based on the number of hours worked.
- Comprehensive Health Coverage:Access to health care medical with vision dental and prescription plans for both individuals and families effective from the 1st of the month following your hire date.
- Insurance Options:Term Life Insurance Accidental Death and Dismemberment Insurance and Long-Term Disability (LTD) Insurance. Part-time employees working less than 0.5 FTE are not eligible for LTD.
- Flexible Spending Accounts:Available for medical and dependent care expenses.
- Retirement Plans:Choose between the Optional Retirement Program (ORP) or the Maryland State Retirement and Pension System (MSRPS).
- Supplemental Retirement Plans: include 401(k) 403(b) 457(b) and various Roth options. The university does not provide matching funds.
- Tuition Remission:Immediate availability for Regular Exempt Staff. Spouses and dependent children are eligible for undergraduate tuition remission after two years of service. NOTE: For part-time employees (at least 50 percent of the time) tuition remission benefits are prorated.
Hiring Range:
$190000.00 - $200000.00Required Experience:
Director
Employment Type
Full-Time
