Events  Deals  Jobs 
    Sign in  
VirtualHealth // population health & care management tech
New York City    Posted: Wednesday, October 30, 2019
Apply To Job

Director, Information Security


The Director of Information Security will be responsible for developing, implementing & monitoring a strategic, comprehensive enterprise cybersecurity & IT risk management program. Furthermore, provide the vision & leadership necessary to manage the risk to the organization & ensure business alignment, effective governance, system & product availability, integrity & confidentiality.

Duties & Responsibilities

  • Provide the direction for company data & cybersecurity protection & oversee Technology governance & policies.
  • Develop company security strategy, security awareness programs, security architecture, & security incident response.
  • Provide strategic risk guidance for IT projects, including evaluation & recommendation of technical controls.
  • Educate IT leaders on appropriate security risk & mitigation strategies.
  • Collaborate with IT compliance team(s) as needed & coordinates the IT component of both internal & external audits to ensure security programs are in compliance with relevant laws, regulations & policies.
  • Develop, maintain & publish up-to-date security policies, standards & guidelines.
  • Oversee training & dissemination of security policies & practices.
  • Evaluate new cybersecurity threats & IT trends & develops effective security controls.
  • Oversee development of security awareness programs.
  • Develop & oversee effective disaster recovery policies & standards to align with company business continuity management program goals.
  • Coordinate development of implementation plans & procedures to ensure business critical services are recovered in the event of disasters or other incidents, & provides direction, support & in-house consulting in these areas.
  • Evaluate potential security breaches, coordinates response, & recommend corrective actions.
  • Supervise staff as assigned in the performance of the job duties.
  • Define & report on information security metrics.
  • Provide project management & leadership to staff & external resources in support of established goals & objectives, improved efficiencies, & problem resolution.
  • Ensure accomplishment of all objectives in accordance with company policies, procedures, & strategic direction, as well as regulatory standards.
  • Maintain current knowledge of industry & regulatory trends & developments for the enterprise technology.

Knowledge & Skills

  • Security/Network Architecture
    • Practices & methods of security architecture, enterprise architecture & IT strategy
    • Security architecture definition & development
    • Security concepts related to routing, DNS, VPN, authentication, DDOS mitigation technologies/tools & proxy services
    • Firewall & other security tools & technologies
    • Intrusion prevention & detection protocols
    • Networking concepts related to TCP/IP, switching & routing
    • Security infrastructure & network configuration
  • Cloud Computing Platforms
    • AWS
    • IBM
    • Linode
  • Systems
    • Linux
    • UNIX
    • Windows
    • LXC
    • Docker
    • Active Directory
    • LDAP
    • Okta
    • ScaleFT
  • Compliance Frameworks
    • HIPAA
    • NIST
    • SOX
  • Strong Emotional Intelligence with demonstrated sustained leadership in a large organization involving multiple stakeholders.
  • Demonstrated management skills, e.g., budget development & administration, policy development & implementation, personnel administration, staff training and development.
  • Demonstrated ability to work with diverse people; effective oral & written communication skills.
  • Knowledge of Information technology infrastructure library (ITIL) with respect to security administration & information technology governance in a multi-platform environment.
  • Ability to establish priorities, work independently, & proceed with objectives without supervision.
  • Ability to do problem determination & escalation.
  • Excellent verbal & written communication skills with customers & co-workers.

Credentials & Experience

  • Bachelors degree from an accredited institution, with degree preferred in Computer Science or Information technology systems security or related field. Masters degree preferred.
  • Minimum of five (5) years of experience in the field related to the title of the position.
  • Certified Information Systems Security Professional (CISSP) Certification preferred.
  • Experience in establishing cybersecurity & risk metrics for reporting.
Apply To Job
© 2021 GarysGuide      About    Feedback    Press    Terms