Director of Information Security
We are looking for a highly skilled Director of Information Security to lead our cybersecurity efforts and protect our digital infrastructure from evolving threats. This leadership role will play a critical part in ensuring the security and integrity of our information systems.
Job Summary:
The Director of Information Security will be responsible for developing and implementing the organization's information security strategy, policies, and programs. This role involves safeguarding the company's sensitive data, ensuring compliance with industry standards, and managing a team of security professionals. The ideal candidate will have extensive experience in cybersecurity, risk management, and security governance, as well as strong leadership and communication skills.
Key Responsibilities:
- Develop and oversee the implementation of a comprehensive information security strategy, ensuring alignment with the organization's goals and regulatory requirements.
- Lead a team of cybersecurity professionals responsible for monitoring, detecting, and responding to security incidents.
- Establish and enforce security policies, protocols, and procedures across the organization.
- Conduct regular risk assessments to identify potential vulnerabilities and recommend mitigation strategies.
- Monitor the threat landscape and stay current on emerging security threats, trends, and technologies.
- Manage the security incident response process, including the investigation and remediation of breaches, and lead post-incident reviews.
- Oversee the deployment of security tools and technologies, including firewalls, intrusion detection systems, encryption, and identity management solutions.
- Ensure compliance with industry standards, such as ISO 27001, NIST, GDPR, HIPAA, or other relevant regulatory frameworks.
- Collaborate with executive leadership, IT, legal, and compliance teams to ensure company-wide adherence to security policies.
- Develop and deliver security awareness training programs to educate staff on cybersecurity best practices.
- Prepare and present regular reports to the executive team on the effectiveness of the organization's security program and any incidents or risks.
- Manage the information security budget, including purchasing security tools and managing vendor relationships.
- Serve as the primary point of contact for audits, compliance assessments, and regulatory reporting related to security matters.
Qualifications:
- Bachelor's degree in Information Security, Computer Science, Information Technology, or a related field. A Master's degree is preferred.
- 8+ years of experience in information security, including at least 3 years in a leadership role.
- Proven experience in developing and implementing security strategies and frameworks.
- Strong knowledge of security standards, regulations, and frameworks (e.g., ISO 27001, NIST, GDPR, CCPA, PCI-DSS, HIPAA).
- Expertise in security technologies such as firewalls, SIEM, encryption, IDS/IPS, DLP, endpoint protection, and vulnerability management tools.
- Strong understanding of network security, cloud security, and identity and access management (IAM).
- Experience in managing security incidents, threat intelligence, and incident response processes.
- Excellent leadership, communication, and interpersonal skills with the ability to influence stakeholders at all levels of the organization.
- Relevant certifications such as CISSP, CISM, CISA, CRISC, or equivalent are highly desirable.
Preferred Skills:
- Experience with cloud security platforms (AWS, Azure, Google Cloud Platform) and DevSecOps practices.
- Familiarity with security automation and orchestration tools.
- Prior experience working in highly regulated industries such as healthcare, finance, or government.
Benefits:
- Competitive salary with performance-based bonuses.
- Comprehensive health, dental, and vision insurance.
- 401(k) plan with company match.
- Paid time off, including vacation days, sick leave, and holidays.