DIRECTOR, INFORMATION SECURITY
Company: AccelerEd
Location: Bethesda
Posted on: November 8, 2024
Job Description:
If you are interested in applying for this job, please make sure
you meet the following requirements as listed below.
The Director of Information Security is responsible for developing,
implementing and monitoring a strategic, comprehensive enterprise
cyber security and IT risk management program. The Director of
Information Security provides the vision and leadership necessary
to manage the risk to the organization and will ensure business
alignment, effective governance, system and product availability,
integrity and confidentiality. The Director of Information Security
is an integral part of the Information Security team supporting our
customers.
This is a hybrid role and is currently based at one of our client's
sites in Adelphi, MD.
RESPONSIBILITIES:
- Conduct a thorough assessment of the company's security needs,
priorities and opportunities in order to visualize, create, and
execute on an information security program.
- Design and develop an information security roadmap to align and
scale with company growth.
- Lead security assessment and testing processes, including but
not limited to penetration testing, vulnerability management, and
secure software development at a global level.
- Plan for and manage incident response plans while minimizing
the effect on the business.
- Develop and extend security tooling and automation efforts
across the organization.
- Proactively identify security issues and potential threats and
continuously build processes and design systems to watch for and
protect against them.
- Lead compliance activities including external audits,
regulatory compliance projects, and overall information security
reviews.
- Educate the organization about these threats and implement
threat protection measures.
- Serve as a cross-functional leader and provide direction to
key, accountable stakeholders in a matrix environment with
dotted-line reports embedded within the business.
- Serve as the information security expert in front of the
Executive team.
- Advocate for secure application and infrastructure best
practices, ensuring a security presence at all stages of the
software development lifecycle.
- Manage relationships with external information security
technology vendors and specialized information security
professional services firms.
- Attract, develop, and retain a highly talented team as the
information security program grows.
MINIMUM QUALIFICATIONS, EDUCATION, KNOWLEDGE, SKILLS, AND
ABILITIES:
EDUCATION
- Master's degree in cybersecurity, information management,
information technology, computer science, engineering, business
management, or related fields.
- 8+ years of relevant experience in the information security
space.
- 4+ years of progressively responsible management and/or
leadership experience in information security or network
administration which includes two years of supervisory experience.
Experience with an institution of higher education is
preferred.
- Professional certification or equivalent in information
security, preferably in CISSP (Certified Information Systems
Security Professional), CISM/A (Certified Information Security
Manager/Auditor), CompTIA Security+, Certified Ethical Hacker,
CCSP (Certified Cloud Security Professional), or Certified Intrusion
Analyst (GCIA).
KNOWLEDGE, SKILLS AND ABILITIES
- Experience developing, maintaining, and implementing an
Information Security Program (ISP) including policy and strategy
development, preferably in higher education.
- Experience addressing information security-related issues
involving identity and access management, intrusion detection,
forensics, incident management, risk management and/or
auditing.
- Experience evaluating and providing guidance on information
security software and hardware acquisitions, IT services,
cloud-based solutions, and mobility.
- Knowledge of security assessment and testing tools.
- Experience with developing and managing an information security
awareness and training program.
- Experience with information security and compliance-related
issues (e.g. FERPA, HIPAA, PCI-DSS, GLBA, copyright and software
piracy).
- Experience in managing and negotiating vendor contracts and
agreements.
- Ability to communicate effectively in writing and oral
presentations.
- Strong business acumen and a collaborative, influential partner
able to educate, build relationships, and foster the adoption of
sound security practices (commitment + compliance).
- Expert experience with cloud security, platforms, and services,
including understanding of current security offerings from leading
cloud service providers (e.g. AWS, Azure, etc.), and their
applicability to securing a SaaS enterprise security
environment.
- Experience in the evaluation and implementation of
industry-standard enterprise-wide information security technologies
and concepts, including but not limited to: SIEM, Application
Security, Cloud Security (AWS), Data Loss Prevention, Security
Event Management, Threat and Vulnerability Management and Identity
and Access Management.
- Clear understanding of relevant information security
governance, technical and security standards and regulations.
Familiarity with industry security standards and compliances
including OWASP, FedRAMP, AICPA SOC, NIST 800-53, 800-171, ISO
27001, CMMC, and ISO 27018 as well as current data privacy
regulations, including GDPR and regional standards. Deep knowledge
of networking and network security.
- Strong understanding and experience with Secure SDLC and
DevSecOps or security automation. Ability to work under pressure
across multiple stakeholders.
- Excellent written and communication skills and ability to
communicate across all levels of an organization.
- Must be authorized to work in the United States for any
employer. We are not offering sponsorship now or in the future.