Overview
Director of Information Security Jobs in Troy, MI at Entrega
Title: Director of Information Security
Company: Entrega
Location: Troy, MI
Job Position Summary:
The Director of Information Security will drive the assessment and transformation of our cybersecurity processes, ensuring comprehensive protection across all operations. They will work closely with senior leadership to develop and implement a robust security strategy that addresses evolving threats and risks and fulfill our Chief Information Security Officer (CISO) obligations. The Director of Information Security will also be responsible for leading the Security Operations Center (SOC) function, managing incident response, ensuring security processes and tools are operating effectively and supporting project delivery. Additionally, the Director of Information Security will oversee the establishment and maintenance of effective data governance to ensure the security, integrity, and compliance of information.
Responsibilities and Duties:
Security Assessment – Lead a security assessment to identify gaps and vulnerabilities in the current cybersecurity infrastructure and processes.
Compliance – Lead the organization to SOC II Type 2 compliance and certification.
Policy Management – Oversee the design, implementation, and management of security policies and controls to protect information assets.
Security Roadmap – Develop and execute a comprehensive security roadmap covering people, process and technology including compute, network, endpoint and cloud.
Tool Evaluation – Work with IT to evaluate current security tools and recommend upgrades or new solutions. Ensure that security tools, such as SIEM, IDS/IPS, and endpoint detection systems, are properly configured and regularly updated.
SOC and SIEM – Implement Arctic Wolf SOC and SIEM capabilities and support ongoing monitoring and containment.
Vulnerability, Threat, and Risk Management – Manage vulnerability scanning, patch management, and threat intelligence efforts to proactively identify and mitigate risks while maintaining the Risk Registry. They will collaborate with IT operations to ensure vulnerabilities are remediated within defined SLAs and regularly assess and test security controls to ensure ongoing effectiveness.
Security Monitoring and Metrics – Continuously improve security monitoring and alerting processes, and collect and report key performance indicator metrics related to security operations and incidents.
Strategic Guidance – Provide security insights and advice to executive leadership on trends and regulatory changes.
Security Operations Leadership – Oversee day-to-day security operations, including monitoring and incident response, and manage the SOC function to ensure continuous 24x7x365 threat monitoring and rapid response.
Incident Response – Lead the creation of incident response playbooks and establish communication protocols.
Security Training – Oversee security awareness training to improve the organization’s security culture.
Long-Term Framework – Recommend strategies for building a sustainable security operations framework.
Asset Safeguarding – Protect information system assets by identifying and solving security issues.
Access Control – Define and manage access privileges and control structures.
Violation Reporting – Identify abnormalities and report security violations.
Security Audits – Conduct periodic audits to uncover violations and inefficiencies.
Service Standards – Maintain quality service by adhering to organization standards.
Ongoing Learning – Stay current by attending workshops and reviewi…