What are the responsibilities and job description for the Director of Information Security position at Entrega?
Job Position Summary:
The Director of Information Security will drive the assessment and transformation of our cybersecurity processes, ensuring comprehensive protection across all operations. They will work closely with senior leadership to develop and implement a robust security strategy that addresses evolving threats and risks and fulfill our Chief Information Security Officer (CISO) obligations. The Director of Information Security will also be responsible for leading the Security Operations Center (SOC) function, managing incident response, ensuring security processes and tools are operating effectively and supporting project delivery. Additionally, the Director of Information Security will oversee the establishment and maintenance of effective data governance to ensure the security, integrity, and compliance of information.
Responsibilities and Duties:
- Security Assessment - Lead a security assessment to identify gaps and vulnerabilities in the current cybersecurity infrastructure and processes.
- Compliance - Lead the organization to SOC 2 Type II compliance and certification.
- Policy Management - Oversee the design, implementation, and management of security policies and controls to protect information assets.
- Security Roadmap - Develop and execute a comprehensive security roadmap covering people, process and technology, including compute, network, endpoint and cloud.
- Tool Evaluation - Work with IT to evaluate current security tools and recommend upgrades or new solutions. Ensure that security tools, such as SIEM, IDS/IPS, and endpoint detection systems, are properly configured and regularly updated.
- SOC and SIEM - Implement Arctic Wolf SOC and SIEM capabilities and support ongoing monitoring and containment.
- Vulnerability, Threat, and Risk Management - Manage vulnerability scanning, patch management, and threat intelligence efforts to proactively identify and mitigate risks while maintaining the Risk Registry. Collaborate with IT operations to ensure vulnerabilities are remediated within defined SLAs, and regularly assess and test security controls to ensure ongoing effectiveness.
- Security Monitoring and Metrics - Continuously improve security monitoring and alerting processes, and collect and report key performance indicator metrics related to security operations and incidents.
- Strategic Guidance - Provide security insights and advice to executive leadership on trends and regulatory changes.
- Security Operations Leadership - Oversee day-to-day security operations, including monitoring and incident response, and manage the SOC function to ensure continuous 24x7x365 threat monitoring and rapid response.
- Incident Response - Lead the creation of incident response playbooks and establish communication protocols.
- Security Training - Oversee security awareness training to improve the organization's security culture.
- Long-Term Framework - Recommend strategies for building a sustainable security operations framework.
- Asset Safeguarding - Protect information system assets by identifying and solving security issues.
- Access Control - Define and manage access privileges and control structures.
- Violation Reporting - Identify abnormalities and report security violations.
- Security Audits - Conduct periodic audits to uncover violations and inefficiencies.
- Service Standards - Maintain quality service by adhering to organization standards.
- Ongoing Learning - Stay current by attending workshops and reviewing publications.
- Team Collaboration - Contribute to team success by achieving related results as needed.
- Data Governance - Establish a comprehensive data governance process in alignment with business requirements.
- Project Delivery and Documentation Support - Collaborate with the business to understand the technical and functional requirements for integrating security operations into client solutions. Create and participate in the development and documentation of technical standards, project plans, implementation criteria, and system specifications. Support information security projects by researching, documenting, and assisting with the implementation of solutions, as well as supporting application security and hardening efforts.
- Access Management - Create and implement an Access Management process, leading the review of attestations for key system end-user access.
- Additional Responsibilities - Perform other tasks and duties as required to support and contribute to the overall success of the organization.
- Self-starter with a high degree of integrity and professionalism.
- Ability to work independently as well as in a team environment.
- Capable of managing multiple tasks and projects simultaneously.
- Comfortable working under pressure or strict deadlines.
- Demonstrated ability to solve problems and formulate recommendations.
- Excellent communication skills.
- Exceptional attention to detail.
- Outstanding writing and analytical-thinking skills.
- Passion for learning and personal growth, specifically when it comes to technology.
- Possess organizational and prioritization skills.
- Bachelor’s degree in computer science, information systems, or related field. Master’s degree is a plus.
- 8 years of experience in cybersecurity, with at least 5 years in a leadership role (Chief Information Security Officer, Director of Security, etc.).
- Proven experience leading security assessments and overhauls for medium to large organizations, including SOC 2 Type II compliance and certification.
- Advanced certifications such as CISSP (preferred), SANS GIAC/GCIA/GCIH, or CASP and/or SIEM-specific training and certification.
- Strong understanding of security best practices and compliance requirements, including NIST, ISO 27001, CIS Controls, and GDPR.
- Expertise in on-prem, cloud security (AWS, Azure), endpoint security, network security, and vulnerability management tools.
- Experience with SIEM platforms (Arctic Wolf, etc.) and incident response strategies.
- Advanced understanding of TCP/IP, common networking ports and protocols, traffic flow, system administration, OSI model, defense-in-depth and common security elements.
- Hands-on experience analyzing high volumes of logs, network data (e.g. Netflow, FPC), and other attack artifacts in support of incident investigations.
- Experience with vulnerability scanning solutions.
- Familiarity with the DoD Information Assurance Vulnerability Management program.
- Proficiency with the following: Anti-Virus, HIPS, IDS/IPS, Full Packet Capture, Host-Based Forensics, Network Forensics, and RSA Security.
- In-depth knowledge of security architecture, engineering, and operations.
- Understanding of mobile technology and operating systems (e.g. Android, iOS, Windows), VMware technology, and Unix and basic Unix commands.