The Information Security Director is responsible for developing, implementing, and overseeing the company's information security and cybersecurity programs to protect sensitive data from unauthorized access or breaches. This role ensures compliance with industry standards and regulatory requirements, while managing security risk assessments, incident response, and ongoing security measures across the organization. Collaboration with various departments is key to integrating security into all operations.
Responsibilities & Duties:
- Develop and implement the company's information security strategy, policies, and procedures.
- Conduct security risk assessments and oversee vulnerability management to identify and mitigate potential threats.
- Lead incident response efforts, including post-incident analysis and reporting to senior management.
- Ensure compliance with relevant laws, regulations, and industry standards (e.g., PCI DSS, NIST).
- Collaborate with IT, Engineering, and other departments to integrate security measures across all operations, including cloud and hybrid environments.
- Develop and deliver security awareness training programs for employees.
Requirements:
- Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related field.
- 10+ years of experience in information security, with at least 5 years in a leadership role.
- In-depth knowledge of security risk management, incident response, vulnerability management, and cybersecurity threat management.
- Familiarity with security frameworks such as NIST, and experience with security governance and regulatory standards (e.g., PCI DSS).
- Preferred: Advanced degree and security certifications (e.g., CISSP, CISM, CISA), with experience in telecommunications or critical infrastructure sectors.