AssuredPartners

Director of Information Technology Security (CISO)

Job ID: 2021-8515
# of Openings: 1
Category: Information Technology
Office Location: 200 Colonial Center Pkwy
Location: US-FL-Lake Mary

Overview

The focus of the Director of Global Information-Technology Security is to lead information risk and information security initiatives for AssuredPartners. In this role, the Director will work with both IT and corporate leadership to protect the confidentiality, integrity, and availability of information, and to maintain the administrative and technical safeguards that provide that protection. The role includes management of all aspects of security-related projects while demonstrating large-scale, companywide project expertise.

Responsibilities

  • Lead the information security architecture, engineering, operations, incident response, and resilience functions.
  • Develop, implement, and monitor a strategic, comprehensive enterprise information security program to ensure the integrity, confidentiality, and availability of data.
  • Document and maintain a risk assessment framework covering information and physical security, data governance and business continuity.
  • Develop and maintain information security policies, standards, and guidelines. Oversee the approval, training, and dissemination of security policies, standards, and guidelines.
  • Monitor the external threat environment for emerging threats and advise relevant stakeholders on the appropriate courses of action. Manage security incidents and events to protect corporate IT assets, including intellectual property, regulated data, and the company's reputation.
  • Partner with Enterprise Risk Management to define standards and processes and provide subject-matter expertise to oversee vendor information security risk and inform periodic audits of third-party service providers' information security and business continuity controls.
  • Provide regular and consistent reporting on the status of the information security program to enterprise risk teams and senior business leaders.
  • Provide strategic risk guidance for IT projects, including the evaluation and recommendation of technical controls.
  • Define and facilitate the information security risk assessment process, including the reporting and oversight of treatment efforts to address findings. Develop and manage information security budgets and monitor them for variances.

Qualifications

  • Bachelor’s degree in Computer Science, Business Management, or another related major.
  • 10+ years of multi-disciplined IT experience, preferably in a financial services/retail environment, and an in-depth understanding of regulatory mandates, including SOX, HIPAA, PCI, GLBA, etc.
  • Knowledge of security best practices and tools, including intrusion detection, response, and prevention. Understanding of security investigation and computer forensics methods.
  • Audit experience (Regulatory, SOX)
  • In-depth understanding of regulatory mandates, including SOX, HIPAA, PCI, GLBA
  • Preferred: Information Security related certification (e.g., CISSP, CISM, CISA)
  • Strong technical background
  • Demonstrated leadership and management experience
  • Demonstrated experience acting as a change agent
  • Program/Project management skills
  • Excellent oral and written communication skills
  • Excellent analytical and troubleshooting skills
