The Director of Information Security plays an integral part in the development, implementation, and compliance of technical security across the enterprise. They are responsible for developing the Information Security program and policies, managing risks related to information security, crisis management, privacy, compliance, security operations center, vulnerability management, incident response and security technology oversight. In addition, the Director ensures all staff members are trained on enterprise and security requirements through awareness programs. This position is intended for applicants with an expert level of experience in IT security and in managing Information Security Operations. This experience will be applied to securing the infrastructure and assets of Togetherwork.
Core Security Activities:
- Manage and lead the information security team
- Develop, communicate, and implement security standards, processes and procedures, and guidelines for the enterprise
- Direct and approve the design of security systems and manage the implementation of security projects
- Create and amend compliance policy
- Audit and monitor security compliance
- Establish and run Enterprise Cyber Risk Committee
- Identify and characterize risks to the business across the enterprise
- Prioritize projects to address risks
- Articulate budget requirements to the business to address risks in a prioritized fashion
- Report security performance against established security metrics
- Provide technical oversight and mentoring to staff
- Track Cyber Security performance within the NIST framework
- Create and maintain roadmap to ensure Penetration Testing, Vulnerability Management, Data Forensics and Incident Response (DFIR), and Monitoring SIEM are all performed in a thorough, timely and professional manner.
- Review investigations after breaches or incidents, including impact analysis and recommendations for avoiding similar vulnerabilities
- Constantly update the information security strategy to leverage new technology and threat information
- Be the internal and external Subject Matter Expert for security
- Create internal and external-facing documentation about our security policies and standards and respond to internal and external inquiries
Core Compliance Activities
- Complete and/or coordinate all IT-related activity for Risk Assessment, PCI, SOC1, and GDPR
- Ensure compliance with changing laws and regulations. Identify risks and actionable plans to protect the business
- Create and monitor IT-related compliance training, communication, and education
- Understand the trade-offs required to manage the different levels of risk tolerance and risk exposure across the organization and balance this with risk investments
- Create an information security awareness program to ensure staff members across the organization understand the trade-off between risk and return
- Coordinate with technology and business groups to assess, implement, and monitor IT-related security risks/hazards
Strategic Planning and Management – 35%
- Direct departmental planning and policy-making efforts.
- Hire, supervise, train, assist and evaluate security analysts and engineers.
- Develop the skills of subordinates and encourage growth.
- Coordinate, collaborate, and foster high-quality communication between departments at Togetherwork and across its constituents.
- Establish annual operational goals for all assigned employees that align with company priorities and evaluate performance toward achieving those goals.
- Design workflow and procedures.
System Monitoring and Reporting - 15%
- Daily monitoring of the SIEM and other security management tools/logs to identify and respond to potential incidents.
- Triage, report, and assist with security incidents in accordance with the incident response plan.
- Perform regular monitoring and reporting for relevant compliance objectives.
- Be prepared to carry out data forensics tasks in accordance with the incident response plan.
- Be prepared to advise the incident response team on remediation action in accordance with the incident response plan.
- Provide quarterly information security reports for management.
- Provide vision and expertise for scaling and improvement of enterprise-wide security operations and initiatives.
Security Testing and Vulnerability Management - 25%
- Maintain and manage the Vulnerability Management program.
- Perform regular penetration testing engagements as needed for compliance as well as general security analysis.
- Perform regular vulnerability assessments as needed for compliance as well as general security analysis.
- Perform regular code audits for company applications.
- Configure and set up tooling, primarily on Linux-based systems, for C2, scanning, and other applicable technologies that may be required for testing.
- Lead teams on penetration testing engagements.
General Operations and Automation - 15%
- Create, maintain, and utilize tools to standardize and automate common tasks related to the information security team.
- Help the information security team enforce company and team standards.
- Help enforce relevant compliance standards and objectives.
- Stay educated in current security practices and propose new ideas and techniques to improve the team's tooling and practices.
- Provide an expert level of security counsel and consulting for any teams as needed.
- Conduct regular user awareness and developer security training.
- Communicate with security-related vendors as necessary.
- Conduct regular security reviews as needed across departments.
- Conduct regular incident response simulations per the incident response policy guidelines.
- Manage and protect cryptographic keys.
- Work with executive management to implement enterprise-wide security and information security policies, standards, and procedures.
- Create policy for relevant compliance standards.
- Set up and install any relevant security tools, such as SIEM or scanner agents, as needed for all operating systems.
- Provide enterprise-wide training on relevant information security practices and standards.
- Create training material for the information security team.
- Assist executive management in performing enterprise-wide risk analysis.
Team Building - 10%
- Lead and participate in regular team training exercises for penetration testing and incident response.
- Assist in training Security Analysts in best practices for penetration testing and vulnerability assessments.
- Meet or exceed annual goals.
- Comply with all company, divisional and departmental policies and procedures.
- Manage time-sensitive tasks on a daily basis.
- Work flexible hours, including evenings and weekends.
- Protect confidential information.
- Contribute to departmental and company goals and objectives.
- Improve Information Security Skills annually by attending conferences, taking classes, and achieving certifications.
- Primary on-call contact for critical incident response scenarios.
- Lead the information security team to carry out all relevant information security tasks.
- Ensure compliance goals are reached and maintained.
- Other duties as required.
- 3-4 years of relevant IT experience.
- Experience leading a team of information security professionals in a formally organized, competitive, or corporate environment.
- 2 years of professional experience in running the information security office, analyzing and applying information security, risk management, and privacy practices.
- Extensive experience in strategic planning, budgeting, and allocation.
- Strong understanding of Security Operations to include monitoring, vulnerability and patch management, threat modeling and incident response.
- Knowledge and understanding of Cloud platforms such as AWS, Azure and Google Cloud. Ability to integrate security technologies across a hybrid cloud environment.
- Deep understanding of security technologies and how to deploy them properly (IDS/IPS, Endpoint Protection, Secure configurations, Multi-Factor authentication, email security, SIEM, etc.).
- Experience managing key service providers to service levels and performance on delivered services.
- Strong influencing skills to include negotiation, problem solving, and conflict resolution.
- Solid analytical skills and understanding of processes, technology and operational concepts.
- An unquestionable work ethic with the ability to accomplish established goals with minimal supervision.
- Strong project management and people management skills.
- A high degree of attention to detail.
- Strong written and oral communication skills.
- Strong technical documentation skills for creating reports related to information security.
- Excellent leadership skills.
- An ability and drive to adapt and learn new skills related to IT and information security.
- Ability to multi-task and shift with changing priorities and projects.
- Ability to train others in security concepts.
- Strong understanding of the variety of application development architectures, platforms, methodologies, and supporting operations.
- Familiarity or experience with integrating application security assurance technologies into a CI/CD pipeline.
- Strong knowledge of Identity Management technologies and associated processes.
- Expert knowledge of networks and network protocols.
- Expert experience modifying and configuring Linux/Unix and Windows systems.
- Advanced programming knowledge with the ability to automate tasks (e.g., Bash, Python, or PowerShell).
- Expert knowledge of log analysis including understanding how to efficiently parse and analyze logs.
- Expert practical knowledge of network analysis tools such as tcpdump and Wireshark.
- Expert understanding of how Firewall/IDS/IPS/AV technologies work and how to configure them in a broad sense.
- Expert practical knowledge of penetration testing methodologies, tools, and practices.
- Expert understanding of vulnerability severity standards as categorized by NIST, PCI DSS, or OWASP.
- Expert understanding of forensic analysis and data recovery tools such as Volatility or Foremost.
- Expert understanding of web application security standards defined by OWASP.
- Advanced understanding of PCI DSS and SOC 1 requirements and how to execute related compliance objectives.
- Advanced understanding of reverse engineering for the purposes of desktop and mobile application exploitation.
- Advanced programming skills with experience developing full stack applications.
- Good understanding of VCS, specifically Git.
- Security certifications such as the eCPPT, OSCP, or OSCE, as well as CISSP or CASP.
- Strong knowledge of common compliance standards such as GDPR, COPPA, and HIPAA.
- Experience competing in CTF or other security competitions.
- Experience in System Administration of Linux/Unix and Windows systems.
- Experience in creating and understanding complex network topologies.
- Strong general knowledge regarding RHEL and Windows Server.
Job Type: Full-time
- IT: 3 years (Required)
- Information Security: 2 years (Required)