Date Posted: September 2, 2021
The Director of Information Security (IS) is responsible for ensuring compliance with ISO 27001, HIPAA, FISMA, NIST, GDPR and other appropriate industry standards, to support the organizational strategy. The Director of IS works with the Technology department to guide the selection and deployment of technical controls to meet specific security requirements and defines processes and standards to ensure that security configurations are maintained. This position reports to the Head of IT.
Certified Information Systems Security Professional (CISSP) and/or Certified Information Security Manager (CISM) preferred, or demonstrated technical capability at this level.
IT security management or analysis experience mandatory.
ISO 27001 experience and qualification highly desired.
Understanding of security monitoring and testing processes such as vulnerability scanning, penetration testing, SIEM and IDS.
Experience working with Cloud, Big Data and Open Data architectures.
Proficiency in regulations and guidelines on IT security and data privacy such as HIPAA, FISMA, NIST, GDPR, etc.
Knowledge of data protection law and practices.
Able to identify and eliminate risks during technology projects for hardware or software upgrades.
Able to develop effective initiatives for information assurance and management options.
Able to measure risks and vulnerabilities and report different compliance issues, verification processes, and policy violations.
Effective communication and facilitation skills with the ability to simplify complexity.
Able to maintain or increase the training and certifications for employees in IT and general security awareness for all employees.
Bachelor's degree in information assurance, business management, or a related field is required. Master's degree is preferred.
CRO, Pharma or similarly regulated industry experience and leadership certifications are a plus.