Overview
Director, Information Security Jobs in United States at Apptega
Title: Director, Information Security
Company: Apptega
Location: United States
The Director of Information Security is responsible for managing a comprehensive IT and Information Security program for Apptega. This includes Corporate IT and Security Strategy, Security Administration, Policy and Compliance, Risk and Contingency Management, Security Operations, Threat and Vulnerability Management, Incident Management and Response, and Forensics. This role will be reporting directly to the CISO and will aid and provide expertise in the matters of security, standards, risk, and compliance.
Essential FunctionsReasonable accommodations may be made to enable individuals with disabilities to perform these essential functions.
Develop, implement, and manage the process for data security, corporate IT strategy and associated architecture. Ensure adequate levels of funding and resources to accomplish associated IT Security annual goals and objectives.
Helps keep Apptega data secure from both internal and external threats, malicious software and unauthorized data exposure.
Lead information security and awareness and training initiatives by maintaining corporate security awareness policies and programs including privacy and data classification, retention and destruction of assets.
Ensure the ongoing integration of IT and information security with business strategies and requirements.
Ensure access control, business continuity, incident response and risk management needs of the organization are properly addressed.
Foster a strong collaboratory relationship internally across all Apptega departments and leaders to leverage our own subject matter experts to increase our internal and external security posture.
Work with and manage vendors, outside consultants, and other third parties to improve IT and information security within the organization.
Formulate and implement an incident response program. This includes developing an incident response team, declaring incidents, coordinating and assisting in the investigation of incidents, forensic and eDiscovery, assisting in the recovery from attacks, coordinating with law enforcement agencies, and developing the post-response control strategy.
Develop, publish, implement and maintain comprehensive company wide IT and information security plans, policy, guidelines and procedures.
Monitor information security trends, understand potential threats, vulnerabilities and control techniques. Educate the executive team on all matters of Corporate IT and data security as the spaces evolves over time.
Defines and communicates the organizational direction and policy for Information Security and IT Risk Management, identifies operational risks, performs ongoing risk assessment, reporting, and remediation. This includes working with senior management to identify, define, and confirm the key threats to the information and financial assets of the Company.
Requirements
Bachelor’s Degree in Computer Science, Information Systems, Information Technology, Business or equivalent.
10+ years of increasing experience in IT Management, Network, Systems Administration and a well-rounded leadership and management background.
CISSP certification or equivalent security certification / accreditation required.
A solid knowledge of all security related industry standards and frameworks including but not limited to PCI DSS, ISO 27001/2, NIST, OWASP, SANS, COBIT, ITIL, COSO, FISMA, FedRAMP
Proven track record in having successfully established and managed Enterprise Security and IT programs.
Ability to …
