Director of Information Security

About The Position

Requirements

• Bachelor’s degree from an accredited university.
• 10 years of progressive technology experience
• Minimum of 5 years of experience in a cybersecurity engineering or architecture leadership role.
• The ability to motivate and lead a team of cybersecurity staff supporting the organization’s goal and leads the process of developing a security vision for the future.
• Articulate with strong business acumen and executive presence.
• Foster and build a collaborative working relationship with various stakeholders.
• Expert in information security management, and business risk management.
• Ability to develop and maintain relationships with senior leaders at Verra Mobility and with customers, up to and including C-level executives.
• Must be adept at developing senior management presentations, enterprise communications, and whitepapers that are logical and concise with only general guidance from the VP, Cybersecurity and others to support senior executive reviews and initiatives.
• Must be proficient in leading cross-functional teams of senior employees to achieve objectives.
• Extensive experience in strategic planning, budgeting, and allocation.
• Direct experience leading and managing employees.
• Experience implementing cybersecurity solutions supporting defense-in-depth architecture.
• Experience developing cybersecurity best practices and standard operating procedures.
• Coachable and willing to learn with positive demeanor.
• Ability to take initiative and drive results.
• Minimum (DoD Directive 8140) certification of CISSP or CompTIA Security+.
• Proficiency in scripting languages that enable automation (i.e. Python, PowerShell, Bash).
• Strong organizational and time management abilities with formal project management experience.
• Work well under pressure and respond to tight deadlines while exercising sound judgment.
• Ability to work collaboratively with diverse stakeholders.
• Proficiency in Microsoft Office (i.e., excel xlookup, Power BI report building).
• Experience working in a regulated industry and confirming cybersecurity practices to SOX, PCI, NIST, ISO, SOC 2, and many others.
• Must be locally located and comfortable working a 3 days in office hybrid model and 2 days remote .
• This position is not eligible for sponsorship now or in the future and is only considering local Arizona talent.

Nice To Haves

• Other security certifications, such as GSEC, OSCP, CISM, etc.
• Demonstrated ability to multi-task, respond to needs quickly and efficiently and prioritize work with a strong attention to detail.
• Must be a self-starter and possess the qualities to work efficiently, effectively, and autonomously with general supervision.

Responsibilities

• Responsible for the planning, design and implementation of security measures created to safeguard access to resources, enterprise networks, computer systems, and data elements.
• Setting the strategy for the enterprise cybersecurity solutions.
• Configure, deploy, fine tune, and monitor SIEM, WAF, Firewall, Zero-Trust, IAM, MFA, EPP, SOAR, Vulnerability Management, Threat Intelligence, DLP, CASB, Secure Web & Email Gateway.
• Stay abreast of industry best practices in risk management techniques and integrate new methods and tools as appropriate.
• Monitor vendor and third-party security reports/lists and proactively patch vulnerabilities.
• Work with business line executives to provide visibility into the security risks with a standard risk management approach to track, mitigate and report on the risks.
• Engage with internal and external partners to help design, test, and implement state-of-the-art secure operating systems, applications, networks, and database products/solutions.
• Lead and participate in security operations support and incident management.
• Oversee individual contributors such as security engineers to provide them with clear vision and goals so that cybersecurity is seen as an integral component of enterprise architecture and portfolio management.
• Serve as the cybersecurity subject matter expert by providing guidance and consulting services to IT teams and business units.
• Maintains proper documentation for all security products and processes.