| | | | | | | | | | | | | | | | | Job Title: | IT Security Director II | Keywords: | | Number of Positions: | 1 | | | Remaining Positions: | 1 | | | Duties: | Essential Duties & ResponsibilitiesDirects, plans and controls all activities and staff of an Information Security area and has full management responsibility for the performance and development of subordinate staff in accordance with corporate strategic direction. May include matrix reporting relationships.Directs the design, development, testing and implementation of appropriate IT security plans, products, firewalls and other access control techniques.Identifies emerging vulnerabilities, evaluates associated risks and threats and provides countermeasures where necessary.Manages the reporting, investigation and resolution of data security incidents.Maintains contact with industry security standard setting groups, and an awareness of State and Federal legislation and regulations pertaining to data privacy and information security.Proposes changes in firm-wide security policy when necessary.Directs the Information Security staff in the evaluation of risks and threats, development, implementation, communication, operation, monitoring and maintenance of the IT security policies and procedures which promote a secure and uninterrupted operation of all IT systems.Develops communications and related campaigns for information security awareness among all staff.Responsible for the development and implementation of security standards, procedures and guidelines to prevent the unauthorized use, release, modification, or destruction of data across multiple platforms and environments (e.g., firm-wide, distributed, client server systems, and e-applications). | Skills: | Skills, Knowledge and Abilities1. Senior level understanding of security policy construction and publication.2. Senior level knowledge of regulations (i.e., SOX, privacy, etc.) and internal controls as they apply to IT.3. Excellent ability to influence change in corporate understanding and adoption of information security concepts.4. Excellent analytical and problem solving skills.5. Excellent communications and interpersonal skills and the ability to work effectively with peers, IT management and staff, and internal/external business partners/clients.6. Ability to effectively communicate with all levels of employees within scope of responsibility.7. Ability to manage various technical projects to completion.8. Proven ability to lead and motivate others in accomplishing goals.9. Ability to exercise professional judgement and assume responsibility for decisions which have an impact on people, quality of service, and costs.10. Advanced computer skills including Microsoft Office suite and other business related software systems. Other technologies will apply dependent on business area supported.11. Preferred insurance industry knowledge. | Education: | Education and Experience1. Bachelor's degree with Master's preferred in Computer Science, or related discipline, or equivalent work experience. 2. Typically a minimum of ten years of technical experience in the security aspects of multiple platforms, operating systems, software, communications and network protocols or an equivalent combination. 3. Previous supervisory/management experience including preparing and managing a significant operating budget. 4. Applicable certifications preferred. | | | : | | | | | |
