Director, Information Security
Information Technology and Network Services | New York, NY | Full Time
IAC is seeking a Director of Information Security to further the development of IAC’s enterprise security. Under the direction of the Chief Information Security Officer, the Director will work with business technical teams to identify and remediate vulnerabilities, implement security tools, improve user awareness and training as well as participate in security incident response efforts. This individual will help identify security requirements, develop vendor selection criteria and implementation plans while also tracking progress of such plans. This contributor will be expected to provide subject matter expertise to support these efforts, participate in the development of policies, procedures, and other documentation, and provide a level of consistency across the enterprise.
You will provide hands-on expertise in responding to security incidents, implementing tools, monitoring threats, etc. all while demonstrating strong communication skills, excellent organizational & project management skills.
- Work with IAC Businesses to develop detailed security project plans
- Track individual businesses’ progress towards established security objectives
- Lead security product selection & implementation efforts across IAC businesses
- Provide hands-on technical assistance to businesses’ implementation of security products
- Develop operational procedures for security tools (vuln scanning, SIEM, etc)
- Work with service providers and other staff members to implement established security procedures
- Coordinate security testing efforts; track remediation of findings
- Monitor threat landscape for emerging threats; communicate threat information to businesses
- Participate in security incident response efforts including off-hours/on-call support
QUALIFICATIONS AND SPECIAL SKILLS REQUIRED:
- Minimum of 10 years relevant experience required
- Bachelor degree in Computer Science/Engineering preferred or equivalent combination of education and relevant experience
- Experience with relevant security tools:
- Vulnerability Assessment tools (Rapid7, Qualys, etc)
- SIEM tools (Arcsight, QRadar, etc)
- NGFW (Palo Alto, Juniper, etc)
- Understanding of application security concepts, common app flaws, OWASP top 10, etc.
- Experience developing software is preferred.
- Demonstrated excellent organizational and time management skills
- Excellent communication skills – ability to exert influence & build consensus without direct authority
- Ability to work and manage time independently and creatively
- Ability to convey a strong presence, professional image, deal confidently with highly complex technical problems
- Ability to work independently and as part of a team; and ability to follow instructions and guidance
- Ability to anticipate problems, resolve ambiguity and take decisive action
- CISSP or other security certifications are preferred