8 months ago
The Director - Information Security Operations serves as the process owner for all operational activities that serve to protect the confidentiality, integrity and availability of member, employee, and business information and systems in compliance with organization policies and standards, along with regulatory obligations. He/she leads a highly technically proficient team, provides strategic and operational direction, ensuring that objectives/metrics are achieved, managing risks appropriately, using organizational resources responsibly, and monitoring the success or failure of security operations including risk assessment/acceptance; vulnerability management; security event and threat monitoring and reporting; intrusion, malware and inappropriate use detection; effective implementation of policy, standards and controls; and incident response.
- Implement, manage and operationalize a security event management program (e.g., Security Operations Center) to collect, store, and correlate, analyze and respond to security data derived from sensors (e.g., Intrusion Detection Systems/Intrusion Prevention Systems), logs and incident reports. Create advanced content to detect emerging threats utilizing threat intelligence sources and discipline.
- Oversee incident response planning as well as the investigation of security breaches, and assist with disciplinary, and legal matters associated with such breaches as necessary.
- Serve as an internal information security consultant to the organization. Support enterprise architecture, system operations and systems development, as required, to ensure information security policy, standards and controls are planned for and effectively implemented.
- Recruit, retain, develop and maintain a qualified team of security engineers/technicians, analysts, and vendors who safeguard the company’s assets, intellectual property and information systems.
- Direct and oversee performance of risk assessments and network vulnerability assessment. Document, prioritize and manage all remediation recommendations and documents and manage exceptions. Direct and oversee performance of application assessments to include both application risk and technical vulnerability assessments.
- Actively participate in strategy and budget planning activities and monitor performance relative to established goals and objectives.
- Conduct root cause analysis of real or suspected security incidents and identify cause and recommended corrective actions.
- Collaborate with Governance, Risk and Performance on the definition and execution of security training and awareness initiatives with a focus on identifying and correcting behaviors that contribute to poor security practices or increase the risk to information and systems.
- Provide and or contribute to the development of annual and ad-hoc information security evaluations and performance reports to be shared with the Information Security Working Group and other executive leadership, as required.
- Produce, collect and report on relevant existing and emerging information security threats in coordination with the threat intelligence and vulnerability management disciplines.