Sr Dir - Information Security

About The Position

Requirements

• Master’s Degree in Business Administration, Computer Science, Information Technology or any other related discipline or equivalent related experience.
• 12+ years of directly-related or relevant experience with 8+ years in a managerial capacity, preferably in information security.

Nice To Haves

• Certified Information Systems Security Professional (CISSP)
• Certification in Information Security Strategy Management (CISM)
• Offensive Security Certified Professional (OSCP)
• GIAC Certified Incident Handler (GCIH)

Responsibilities

• Serve as the enterprise incident commander for high-severity cyber events.
• Drive investigations, coordinate response across legal/privacy/IT, and deliver concise executive-level reporting and briefings.
• Establish and lead at least one center of excellence within ISO to provide continuous process improvement and standardization.
• Guide and mentor teams in advanced incident response techniques, threat hunting, malware analysis and detection rule development.
• Oversee the global security operations center (internal and MSSP), ensure effective coverage, threat visibility, alert fidelity, and automation.
• Direct the strategy and optimization of the incident response and SOC tech stack, including SIEM, SOAR and EDR.
• Assess risks of all nature, internal and external, and provide intelligence and direction and actionable decision-making, to protect the corporate brand, data and assets.
• Act as the trusted advisor for security, risk, compliance and governance matters and support the enablement of business segment security capabilities via balanced risk decisions.
• Set goals/KPIs, create budget and manage the overall performance of the Information Security Strategy team.
• Lead, develop and mentor teams of Information Security Strategy and IS IT Risk Management professionals as well as contractors, vendors and services providers.
• Guide and consult IT executives and business leaders regarding risks to information security and business operations as well as the necessary corporate responsibilities required to mitigate those risks throughout the enterprise.
• Build appropriate metrics and KPIs and provide regular reporting on the information security program maturity, risk posture and management, and regulatory compliance.
• Ensure reports and data utilized in regulatory reporting are completed in the required timelines and reports are prepared and submitted to appropriate agencies and stakeholders.
• Follow information security trends within and outside of work with executive leadership to strategize and recommend changes and updates to company.

Benefits

• Medical, dental, and vision care.
• Backup dependent care.
• Adoption assistance.
• Infertility coverage.
• Family building support.
• Behavioral health solutions.
• Paid parental leave.
• Paid caregiver leave.
• Training programs.
• Professional development resources.
• Opportunities to participate in mentorship programs, employee resource groups, volunteer activities.