Director of Information & Security
Employment Type: Full-Time/Direct-Hire
Workplace Type: Onsite
Location: Irvine, California
Industry: Consumer Electronics
Compensation: $250,000 - $350,000 + 20% annual bonus
POSITION OVERVIEW:
The Director of Information Security will lead the development and implementation of the organization's information security strategy and oversee all aspects of information technology (IT) security. This high-profile role is responsible for ensuring the confidentiality, integrity, and availability of all corporate data and IT systems. The Director will work closely with the executive leadership team to align security initiatives with business objectives, mitigate risks, and ensure compliance with regulatory requirements.
KEY RESPONSIBILITIES:
Leadership & Strategy:
- Develop, implement, and manage the overall enterprise information security strategy, ensuring it aligns with the organization's goals and objectives.
- Lead and mentor the information security team, fostering a culture of security awareness across the organization.
- Serve as the primary advisor to the President and executive team on all matters related to information security and IT risk management.
Risk Management & Compliance:
- Identify, assess, and prioritize information security risks and develop strategies to mitigate them.
- Ensure the organization complies with relevant regulations, industry standards, and internal policies, including GDPR, CCPA, and other applicable laws.
- Conduct regular security audits and assessments and manage the response to any security incidents.
Security Operations:
- Oversee the design, implementation, and management of security measures to protect the organization's IT infrastructure, applications, and data from cyber threats.
- Manage security operations, including threat detection, incident response, vulnerability management, and forensic investigations.
- Collaborate with IT teams to ensure that security is integrated into all phases of IT system development and operations.
Business Continuity & Disaster Recovery:
- Develop and maintain the organization's business continuity and disaster recovery plans, ensuring the ability to respond effectively to security incidents or disruptions.
- Lead the organization's response to major security incidents, coordinating with internal and external stakeholders.
Stakeholder Communication:
- Communicate the status of the organization's security posture to the Board of Directors, senior management, and other stakeholders.
- Provide training and awareness programs to employees at all levels to enhance understanding of security threats and best practices.
Vendor & Third-Party Management:
- Evaluate and manage relationships with security vendors and service providers, ensuring they meet the organization's security standards.
- Oversee the assessment and management of third-party risks, including the security practices of vendors and partners.
QUALIFICATIONS:
- Bachelor's degree in Information Technology, Cybersecurity, or a related field; Master's degree preferred.
- A minimum of 6 years of experience in information security, with at least 5 years in a leadership role.
- Proven track record of developing and implementing effective information security strategies and programs.
- Strong knowledge of cybersecurity frameworks, standards, and regulations.
- Experience with security technologies such as firewalls, intrusion detection/prevention systems, SIEM, encryption, and vulnerability management tools.
- Excellent leadership, communication, and interpersonal skills.
- Relevant certifications such as CISSP, CISM, CISA, or equivalent are highly desirable.
All qualified applicants will receive consideration for employment without regard to race, color, national origin, age, ancestry, religion, sex, sexual orientation, gender identity, gender expression, marital status, disability, medical condition, genetic information, pregnancy, or military or veteran status. We consider all qualified applicants, including those with criminal histories, in a manner consistent with state and local laws, including the California Fair Chance Act, City of Los Angeles' Fair Chance Initiative for Hiring Ordinance, and Los Angeles County Fair Chance Ordinance. To the extent our customers require a background check for certain positions, the Company faces a significant risk to its business operations and business reputation unless a review of criminal history is conducted for those specific job positions.