Director of Cyber Security

The Director of Cyber Security is responsible for establishing, implementing, and maintaining an enterprise-wide information security program to ensure that data assets are adequately protected. This role encompasses governance, compliance, protocols, and procedures, as well as hands-on management of firewalls, Azure AD user management, endpoint protection systems, infrastructure, and policies.

Key Responsibilities:

• Governance and Compliance:
• • Develop and enforce security policies, protocols, and procedures.
  • Ensure compliance with relevant laws, regulations, and standards.
  • Conduct regular security audits and assessments.
• Security Operations:
  • Oversee the implementation and management of firewalls, intrusion detection/prevention systems, and other security infrastructure.
  • Manage endpoint protection systems to safeguard against malware and other threats.
  • Monitor and respond to security incidents and breaches.
• End-User Management:
  • Direct Involvement in Onboarding: The Security Director personally oversees the onboarding process to ensure that new users receive proper security training and access controls from day one.
  • Customized Access Management: They work closely with all departments to tailor access permissions based on individual roles, ensuring that each user has the appropriate level of access.
  • Regular Audits and Reviews: Conducts frequent audits of user access and permissions to identify and address any potential security risks or unauthorized access.
  • Swift and Secure Terminations: Ensures that user accounts are promptly and securely deactivated upon termination, minimizing the risk of data breaches or unauthorized access.
  • Continuous Improvement: Actively seeks feedback from users and other departments to improve the onboarding and termination processes, making them more efficient and secure.
• Risk Management:
  • Identify and mitigate security risks to the organization.
  • Develop and implement risk management strategies.
  • Conduct risk assessments and vulnerability testing.
• Infrastructure Security:
  • Ensure the security of the organization's IT infrastructure.
  • Implement and manage network security measures.
  • Oversee the security of cloud-based systems and services.
• Leadership and Collaboration:
  • Collaborate with other departments to ensure a cohesive security strategy.
  • Provide security training and awareness programs for employees.
• Strategic Planning:
  • Develop and execute a strategic security plan aligned with business objectives.
  • Stay updated on the latest security trends and technologies.
  • Recommend and implement new security solutions as needed.
    
    

Qualifications:

• Bachelor's degree in Computer Science, Information Security, or a related field.
• Experience in information security, including hands-on experience with Cisco/Meraki firewalls, CrowdStrike, endpoint protection systems, and infrastructure security.
• Knowledge of security governance, compliance, and risk management.
• Excellent communication skills.
• Relevant certifications such as CISSP, CISM, or CISA are preferred.