KEY ROLES AND RESPONSIBILITIES
We are seeking a highly skilled and experienced Head of Information Security to lead our information security efforts and safeguard our company's data and infrastructure. This role is crucial in ensuring that our information security policies, procedures, and technologies effectively protect against cyber threats and vulnerabilities.
Strategic Leadership:
Develop and implement a comprehensive information security strategy aligned with the company's goals and regulatory requirements.
Lead the development and execution of information security policies, procedures, and standards.
Provide strategic direction for security initiatives, including risk management, incident response, and compliance.
Risk Management:
Identify, assess, and prioritize information security risks, and implement appropriate mitigation strategies.
Conduct regular security assessments, vulnerability scans, and penetration tests to ensure the security of systems and applications.
Oversee the development and execution of disaster recovery and business continuity plans.
Compliance and Governance:
Ensure compliance with relevant regulatory requirements, including GDPR, CCPA, and industry-specific standards (e.g., PCI DSS, ISO 27001).
Stay current with evolving legal and regulatory requirements and update policies and procedures as needed.
Conduct regular audits and assessments to ensure adherence to internal and external security requirements.
Incident Response and Management:
Lead the response to security incidents, including investigation, containment, eradication, and recovery.
Develop and maintain an incident response plan and conduct regular drills to ensure readiness.
Coordinate with internal and external stakeholders during and after security incidents.
Team Leadership and Development:
Build and lead a high-performing information security team, providing mentorship, training, and career development opportunities.
Foster a culture of security awareness and promote best practices across the organization.
Collaboration and Communication:
Work closely with senior management and other departments to integrate security into business processes and projects.
Communicate security policies, risks, and recommendations to stakeholders and ensure understanding and compliance.
Collaborate with external partners, vendors, and industry groups to stay informed about emerging threats and best practices.
4. QUALIFICATION AND EXPERIENCE REQUIRED
Bachelor’s degree in Information Security, Computer Science, or a related field. Advanced degree or certifications (e.g., CISSP, CISM, CISA) preferred.
Proven experience (12+ years) in information security roles, with a track record of managing complex security programs and leading teams.
In-depth knowledge of information security principles, practices, and technologies.
Strong understanding of regulatory requirements and industry standards related to information security and data protection.
Demonstrated experience in risk management, incident response, and compliance.
Excellent leadership, communication, and interpersonal skills.
Ability to think strategically and manage multiple priorities in a fast-paced environment.
Information Security Specialist • Delhi, India, India