Information Security Director | Dallas | Perm
About the Role:
We're seeking a seasoned Information Security Director to oversee the security posture of our client's organization. In this role, you'll be responsible for developing and implementing comprehensive security strategies, ensuring compliance with industry standards, and mitigating risks to protect sensitive data. As a trusted advisor, you'll collaborate with various stakeholders to foster a culture of security awareness and drive continuous improvement.
Key Responsibilities:
- Security Strategy: Develop and implement a comprehensive information security strategy aligned with business objectives and industry best practices.
- Risk Management: Conduct risk assessments to identify potential threats and vulnerabilities, and develop mitigation strategies to minimize risks.
- Compliance: Ensure compliance with relevant security frameworks, regulations, and standards (e.g., GDPR, HIPAA, ISO 27001, NIST Cybersecurity Framework).
- Governance: Establish and maintain effective security governance processes, including policies, procedures, and standards.
- Incident Response: Develop and maintain an incident response plan, and lead incident investigations and remediation efforts.
- Awareness and Training: Promote a security-conscious culture by developing and delivering security awareness training programs.
- Vendor Management: Oversee vendor security assessments and manage security relationships with third-party providers.
- Technology Evaluation: Evaluate and recommend security technologies and solutions to enhance the organization's security posture.
Qualifications:
- Bachelor's degree in Computer Science, Information Systems, or a related field.
- 7+ years of experience in information security, with a focus on security architecture, risk management, and compliance.
- Strong understanding of security frameworks, standards, and best practices.
- Proven ability to develop and implement security strategies.
- Excellent communication and interpersonal skills, with the ability to build relationships and influence stakeholders at all levels.
- Strong analytical and problem-solving skills.
- Experience with security technologies such as firewalls, intrusion detection systems, encryption, and identity and access management.
- Certifications such as CISSP, CISM, or CISA preferred.