Director, Information Security - Endpoint, Mobile, Cloud

About The Position

Requirements

• Bachelor of Computer Science/Engineering or Information Technology or experience in related fields
• Ability to lead oneself and a team independently with minimal guidance and effectively leverage diverse ideas, experiences, and perspectives to the benefit of the organization
• Experience with agile development/program management methodologies
• Knowledge of business concepts and information security tools and processes that are needed for making sound decisions in the context of the company's business
• Demonstrated infrastructure (endpoint, mobile, and cloud) security related experience inclusive of experience with infra sec tooling, governance, design/architecture, etc.
• Experience with Zero Trust concepts
• Ability to learn new skills and knowledge on an on-going basis through self-initiative and tackling challenges
• Excellent problem solving, communication, and collaboration skills
• Significant experience and/or deep expertise with several of the following: Infrastructure security tooling and design experience, inclusive of endpoint, mobile, and cloud, etc.
• Management of analyst teams, specifically to drive risk reductions and elimination of technical debt/environmental hardening
• Experience with data analytics/SIEM platforms (including Splunk) to find risk, scope, and eliminate risk/tech debt
• Security Architecture, Security Advisory, or Security Engineering experience directly related to endpoint, mobile, and cloud security tools/process/risk reduction
• NIST and ISO 27000 Standards
• Information Security Policy, Standards, Procedures, and Engineering Specifications
• Information Security Risk Assessment processes
• Information Security governance and control processes
• Metrics creation and reporting

Nice To Haves

• Applicable SANS Certifications
• Industry and tool certifications related to infrastructure security tooling, processes, or governance
• Certified Information Systems Security Professional (CISSP)
• Certified Information Security Manager (CISM)

Responsibilities

• Oversee project and operational work, while guiding and transferring knowledge to more junior team members
• Function as an escalation point for operational work handled by more junior staff on the team, managing and resolving issues independently
• Leverage infrastructure security and tool/process specific knowledge as well as organizational and industry knowledge to resolve complex technical/process/people problems.
• Partner with leadership to set direction for the future of the infrastructure security program, while ensuring an accurate understanding and in-depth knowledge of daily operations to enhance and improve information security processes and controls
• Drive the development and reporting of infrastructure security related metrics
• Prioritize technical debt/risk reduction in the infrastructure security space, while managing a team of infrastructure security analysts to harden the environment
• Drive prioritized risk reductions/tech debt eliminations with the businesses and technology owners
• Bring a deep understanding of endpoint, mobile, and cloud security, cybersecurity governance frameworks, and emerging risks to guide team members and embed learning and innovation in the day-to-day of the infrastructure security team

Benefits

• Market competitive base salaries, with a yearly bonus potential at every level.
• Medical, dental, vision, life insurance, disability insurance, Paid Time Off (PTO), and leave of absences, such as parental and military leave.
• 401(k) plan with company match (up to 4%).
• Company-funded pension plan.
• Wellness Programs including up to $1,600 a year for reimbursement of items purchased to support personal wellbeing needs.
• Work/Life Resources to help support topics such as parenting, housing, senior care, finances, pets, legal matters, education, emotional and mental health, and career development.
• Education Benefit to help finance traditional college enrollment toward obtaining an approved degree and many accredited certificate programs.
• Employee Stock Purchase Plan: Shares can be purchased at 85% of the lower of two prices (Beginning or End of the purchase period), after one year of service.
• Eligibility to participate in a discretionary annual incentive program is subject to the rules governing the program, whereby an award, if any, depends on various factors including, without limitation, individual and organizational performance.