Director, Information Security

This position is responsible for developing security strategy and implementing security systems and protocols that safeguard and comply with established policies, procedures and standards of the specified area of IT. This position is responsible for managing risks related to information security, policy development and enforcement, identity management, crisis management, privacy and compliance with the Payment Card Industry Data Security Standards (PCI DSS). Actively collaborates across IT and business areas within area of specified responsibility to ensure successful results of designated initiatives are achieved.
Develops and implements information security standards, processes and procedures, and guidelines for the enterprise
Management, development and maintenance of a portfolio of Information Security systems/technologies/processes
Manages data outputs of security monitoring tools and proactively drives appropriate security measures to protect the enterprise and end users.
Performs as subject matter advisor and may serve as point of escalation and become actively involved, as required, to meet schedules and resolve security problems highly complex in nature.
Creates an information security awareness program to ensure staff members across the organization understand the policies and procedures related to information security
Manages issues proactively, including timely resolution and the identification of remediation opportunities. Identifies and resolve systemic issues to prevent them from repeating.
Develops and proposes options with pros/cons and risk, and works with stakeholders to finalize the best solution that meets business needs.
Work with system administrators and application developers to audit, monitor and validate their environment's security, including conducting gap analysis and other comprehensive internal assessments of existing systems to improve the security infrastructure and mitigate risks.
Position will have direct responsibility for PCI security deliverables.
Establish, document, and distribute security incident response and escalation procedures to ensure timely and effective handling of all situations.
Leading the security assessment, risk analysis, and implementation of solutions identified as necessary solutions with developing security policies, procedures and staff training programs required for compliance with regulatory requirements
Lead the develop of risk based approach to prioritizing work and building information security roadmap
Monitor, distribute and analyze security alerts and information.
Maintain Intrusion Detection/Prevention System.
Research new vulnerabilities and malicious software, reviewing the company's potential exposure to each.
Perform vulnerability testing and analysis on all network assets and applications/projects
Analyze access control requests, making informed decisions about appropriate access.
Ability to identify, develop and ensure maintenance of security reporting metrics to support key decision makers
Conduct research on emerging products, services, protocols, and standards in support of systems software procurement and development efforts.
Perform network, server and end user security audits.
Establishes all security measures to support disaster recovery efforts.
Propose, implement and manage portfolio of security tools and processes to support and protect the enterprise.
Required Qualifications
Minimum 7+ years' experience in a management role running the information security office, analyzing and applying information security, risk management, and privacy practices
Computer Science or Business Administration degree
This is a full-time position that provides Security support, on a 24 x 7 schedule.
Proven track record and experience in developing information security programs, policies and procedures, including successful implementations in large enterprise environments.
Payment Card Industry (PCI), PII, COBIT/ISO experience preferred.
CISSP certification is preferred
Experience using time management skills such as prioritizing/organizing and tracking details and meeting deadlines of multiple projects with varying completion dates.
Experience analyzing and reporting data in order to identify issues, trends, or exceptions to drive improvement of results and find solutions.
Experience identifying operational issues and recommending and implementing strategies to resolve problems.
Good written and oral communication skills.

Don't Be Fooled

The fraudster will send a check to the victim who has accepted a job. The check can be for multiple reasons such as signing bonus, supplies, etc. The victim will be instructed to deposit the check and use the money for any of these reasons and then instructed to send the remaining funds to the fraudster. The check will bounce and the victim is left responsible.

More Jobs

Philadelphia, PA University of Pennsylvania
Director, Information Security Assurance (R101...
Plymouth Meeting, PA IQVIA Holdings Inc
Telecommute Information Security Engineer 4
Philadelphia, PA Wells Fargo
Telecommute Senior Information Security Engineer
Philadelphia, PA U.S. Bank (U.S. Bancorp)
Remote Information Security Engineer
Philadelphia, PA FormAssembly