Overview
Director of Information Security Jobs in United States at OraSure Technologies
Title: Director of Information Security
Company: OraSure Technologies
Location: United States
The OraSure family of companies empowers the global community to improve health and wellness by providing access to accurate, essential information. Our ability to positively affect change is powered by the innovative tools, services and diagnostics we deliver to the market.
Together with its wholly owned subsidiaries, DNA Genotek, Diversigen, and Novosanis, the OraSure family of companies provides its customers with end-to-end solutions that encompass tools, services, and diagnostics. Our teams play a role in empowering people to discover healthier lives by creating effortless tests, collection kits, and services.
It’s first-to-market, innovative products include rapid tests for the detection of antibodies to HIV and Hepatitis C (HCV) on the OraQuick® platform; sample self-collection and stabilization products for molecular applications; and oral fluid laboratory tests for detecting various drugs of abuse.
OverviewHere at the OraSure family of companies our innovative sampling tools, services and diagnostics unlock access to accurate, essential information that advances global health and well-being. Our products include molecular sampling kits for the genome and microbiome, cutting-edge services and analytics, rapid diagnostics for infectious disease, and tests for substance abuse.
Reporting to the Vice President, Information Technology, the Director of Information Security is responsible for establishing and maintaining appropriate components of an enterprise-wide information security program to assure information assets are adequately protected and information risks are managed appropriately.
The position will provide leadership as well as overseeing day-to-day operations and activities related to the creation and delivery of security projects; planning and managing complex multi-year projects and associated initiatives designed to improve the company’s overall information security program.
Snapshot of Responsibilities
Develop and advance company information security policies, standards, procedures and tools to assure the company remains compliant with industry standards (which may include CIS, GDPR, PCI, HIPAA, etc.)
Evaluate Cyber Risk across company systems, both on-premise and cloud; develop prioritized implementation plans for compliance to policies and standards
Evaluate and Manage Security Vendor relationships: Managed Security Services, Internal and External Penetration Testing, Incident Response, Cyber Maturity, and other cybersecurity partners and vendors
Develop and report business-relevant metrics to measure the efficiency and effectiveness of the Information Security Program
Design and Manage Vulnerability Detection and remediation
Keep abreast of industry trends and current emerging risks. Advise the company on security best practices
Perform reviews of security infrastructure configurations including firewall, intrusion detection, web filtering, SIEMs, DLP, application whitelisting across sites and develop common standards
Develop and lead appropriate table-top exercises. Incorporate lessons learned into security program
Review alerts (based on your defined alert parameters) on a daily basis and act accordingly
Manage user cyber security training and phishing programs
Manage spam filtering and rules to balance risk with business needs
Assist the company with customer facing security requests and audits, including SOX
Assist the company with cyber-insurance applications and reviews
What You Brin…
