Title: Information Security Director
Location: Santa Monica, CA (Hybrid 3 days)
Target Compensation: $160k - 200k (Flexible)
Bonus Eligible: Yes
Technical Skills: Incident Response, Security Policies and Procedures, Security Governance, Compliance, Application Security, 3rd party vendor management, Penetration Testing, Annual Risk Assessment
A Santa Monica-based financial organization is hiring an Information Security Director to lead, develop, and run existing security programs and initiatives in a growing organization. You will report to the Chief Technology Officer and work with the Director of Infrastructure to support 175 users worldwide. The ideal candidate will bring extensive experience wearing multiple hats in a midsized financial services organization. This opportunity has lots of upward mobility.
Job Duties:
- Create, standardize and maintain all firm Security Documents (Information Security Program, Incident Response Plan, Security Policies and Procedures, Infrastructure Presentations, etc.).
- Work with Compliance Dept. to gather and provide required documents to satisfy security governance programs.
- Identify 3rd party vendors and collect supporting documents to perform security due diligence on applications (external/internal) utilized by the firm.
- Perform active account audits on 3rd party internal and external hosted applications.
- Perform sensitive data validation audit using data classification system.
- Record and maintain all employee access and approval activity (Active Directory group, special permissions, e-mail distribution list access).
- Review and record daily security/exfiltration alerts and logs.
- Document and manage Windows and 3rd party patching process.
- Document and manage security hardening process.
- Perform new hire security training, administer the monthly phishing training exercise, and maintain security training logs.
- Schedule and document the annual risk assessment and penetration tests.
- Schedule and document bi-annual disaster recovery testing procedures and results.
- Maintain disaster recovery electronic notification system.
- Serve as lead for managed security vendors.
- Highlight and report security updates to the firm.
Education/Experience:
- Financial, Legal or Professional Services industry highly preferred.
- Bachelor’s degree or certifications and equivalent experience in related field.
- 5+ years of experience as an Information Security Analyst, Lead or Manager; 1+ years of Director Level experience.