About The Position

CONMED is a progressive, growing medical device manufacturer with a global footprint. Through our products, we enable healthcare providers around the world to deliver exceptional outcomes for patients. Our Global IT team is integral to the success of delivering on our mission and vision. The Senior Director of Information Security & Compliance is accountable for ensuring global information security and the associated statutory compliance across the company, including customer, personnel, product, operational, and other information which we store/transmit/manage/process. The role ensures alignment of security strategy with business direction, communicates the strategy to various stakeholders, and oversees processes to ensure adherence. It is also accountable for leading the security teams that manage security technology, monitor and respond to events, and ensure compliance with government laws and contractual customer information security requirements.

Requirements

  • Bachelor's Degree in cybersecurity, computer science, information technology, management information systems or related field
  • 10+ years experience in security operations specifically in managing engineering teams and respective technologies
  • 10+ years experience with cyber maturity frameworks, specifically NIST CSF 2.0, CIS 18, and ISO 27001:2022
  • 10+ years in cybersecurity and related areas including knowledge and understanding of relevant legal, regulatory and privacy requirements for a global organization
  • Compliance & Privacy Expertise:
  • Deep understanding of SOX (Sarbanes-Oxley Act) controls and audit requirements.
  • Experience implementing and maintaining GDPR compliance programs.
  • Familiarity with GRC (Governance, Risk, and Compliance) platforms and frameworks.
  • Knowledge of privacy regulations for companies with a significant presence internationally (China, Brazil, Spain, EU, UK), and global data protection laws.
  • Ability to lead cross-functional teams in privacy impact assessments and data governance.
  • Experience working with legal and compliance teams to manage regulatory risk.

Nice To Haves

  • Master’s degree in Business Administration, Computer Science, or related field
  • CISSP Certification
  • 5+ years of management experience or demonstrated leadership acumen
  • Medical Device industry experience
  • Leadership Skills: Strong leadership and team management skills to guide and motivate teams through complex changes.
  • Communication Skills: Excellent verbal and written communication skills to effectively convey information and engage stakeholders.
  • Analytical Skills: Strong analytical and problem-solving skills to identify risks and develop effective mitigation strategies.
  • Certifications: Relevant certifications in change management (e.g., Prosci, CCMP) and project management (e.g., PMP) are highly desirable
  • Communication: Excellent communication skills, both written and verbal, to effectively convey BI strategies and results to stakeholders.
  • Collaboration: Ability to work collaboratively with various departments, including IT, marketing, and customer service, to achieve project goals
  • Experience in fast-paced global multinational matrix organization
  • Strong communication and influencing skills
  • Fluent verbal and written communication in English
  • Hands-on and proactive; strong organizational skills
  • Results driven and service oriented to internal and external customers
  • Demonstrated history of consistent goal achievement in a highly competitive environment
  • 20-40% Travel

Responsibilities

  • Plan, direct and manage the global information security function for both information technology and communications systems for the company; includes all software, hardware, network infrastructure, and vendors hosting or accessing data on behalf of the company.
  • Accountable for building and maintaining a high performing team.
  • Achieve & maintain high Employee Engagement within the Security & Compliance function.
  • Achieve & maintain high Customer Satisfaction on services provided by the Security & Compliance function.
  • Develop and evolve information security strategy in alignment with company direction and based on current best practices, emerging trends in our threat landscape, and customer and government requirements regarding information security and data privacy, while balancing risk with spend and our ability to operate.
  • Plan, direct, and manage the IT general controls compliance function to ensure the security, accuracy and reliability of the systems that manage and report the company's data, including financial data.
  • Communicate all applicable government information security requirements (for all countries in which we operate) and associated risks to business decision makers.
  • Assess disaster recovery and business continuity plans with respect to commercially reasonable practices.
  • Work with peers to appropriately coordinate and communicate activities in alignment with overall corporate and IT strategic intent.

Benefits

  • Competitive compensation
  • Excellent healthcare including medical, dental, vision and prescription coverage
  • Short & long term disability plus life insurance -- cost paid fully by CONMED
  • Retirement Savings Plan (401K) -- CONMED matches your contributions dollar for dollar, with the potential for up to 7% per pay period
  • Employee Stock Purchase Plan -- allows stock purchases at discounted price
  • Tuition assistance for undergraduate and graduate level courses