This site uses cookies. To find out more, see our Cookies Policy

DIRECTOR OF SECURITY - $165K + BONUS - IRVINE, CA in Irvine, CA at Vaco

Date Posted: 4/9/2018

Job Snapshot

Job Description

EXPERIENCE:

  • Knowledge of common information security management frameworks, such as NIST, ISO 27001, COBIT, or PCI DSS.
  • 5-7 years of relevant experience required, with proven knowledge of security architecture design, network security, mobile security, vulnerability management, and threat intelligence/analysis.
  • Solid understanding of the information security landscape, including emerging threats and security solutions.
  • Proven expertise with performing security assessments and recommending security solutions to assist with improvement of security infrastructure.
  • Deep knowledge of security policies, regulations, and compliance issues.
  • Strong ability to translate complex IT and security challenges and issues into business risks.
  • Confident communication skills and ability to provide regular management program/project briefings.
  • Proficient in project management disciplines and processes.
  • Comfortable working in a matrixed organization and able to work in a collaborative environment across business and technology teams.


Responsibilities:

  • Ensure the development, testing and implementation of appropriate security plans, products and control techniques. Help identify protection goals, objectives and metrics consistent with the corporate strategic plan.
  • Ensure the development, testing and implementation of appropriate security plans, products and control techniques. Help identify protection goals, objectives and metrics consistent with the corporate strategic plan.
  • Guide leadership and managers on information security strategy, architecture design and incident response,
  • proactively addressing the needs of the internal client community in order to consistently meet or exceed defined levels of security.
  • Coordinate information security initiatives with Legal, Safety and Security stakeholders.
  • Coordinate vulnerability assessments of deployed software applications and enterprise systems, to include penetration testing, architecture reviews and patch management.
  • Develops, implements and communicates compliance objectives to ensure an appropriate compliance and risk aware culture.
  • Interacts with various business groups to understand how they use IT systems to assess whether systems should be included within the scope of the various compliance areas (SOX, HIPAA, PCI, etc.).
  • Identifies gaps in the design and operating effectiveness of controls, and identify opportunities for more efficient and effective controls.
  • Monitors and analyzes technology risk trends and recommends appropriate IT policies, procedures and practices to strengthen internal operations.
  • Educates IT and business leaders on appropriate mitigation strategies and approaches.
  • Ensures monitoring and testing of business continuance procedures and response to system failures.
  • Assist with the development and implementation of metrics to assess or assure compliance activities of the enterprise.
  • Participate data breach reporting, events remediation, and mitigation.
  • Proactively builds processes to minimize / eliminate downtime.
  • Consults with appropriate business and IT leaders regarding the evaluation and selection of vendors to ensure service level agreements meet business continuance and disaster recovery planning requirements.
  • Work with production teams to identify risks and implement security controls to mitigate them.
  • Manage security compliance activities to ensure Showtime is able to meet internal audit, legal and regulatory requirements.

  • CISA (Certified Information System Auditor) certification preferred.
  • CRISC (Certified in Risk and Information System Controls) certification preferred.