03 June 2021

Director, IT Security and Compliance

SUMMARY OF POSITION 

The IT Security & Compliance Director is responsible for performing technical risk and vulnerability assessments at the network, system, and application level, conducting threat modelling exercises, developing and implementing security controls, formulating operational risk mitigations, and assisting in security awareness programs.

ORGANIZATION STRUCTURE

Reports directly to the US IT leader. Will work closely with all IT staff, project managers, and lines of business, especially system owners. Is based in the Morristown, NJ office.

RESPONSIBILITIES

Performs daily security operations and a wide range of IT security activities including network and systems security monitoring, tuning and management of IT security systems and applications, incident response, and digital forensics.

  • Defines and implements IT security strategy
  • Serves as a security representative to ensure all IT projects and systems are implemented and maintained to the highest security standards.
  • Trains employees on IT security
  • Constructively engages business partners regarding cybersecurity issues.
  • Performs systems administration, tuning, maintenance, upgrades and manages changes for IT security systems. 
  • IT Security planning and budgeting process.
  • Performs system administration, tuning, maintenance, upgrades, patching and manages changes for IT security systems.
  • Operates network intrusion detection, extrusion detection, network analysis and network traffic analysis tools, along with active intrusion prevention methods and technologies.
  • Operates common security, vulnerability assessment and penetration testing tools.
  • Leads research and evaluation of new security tools, techniques, and technologies. 
  • Applies knowledge of centralized logging and security event management best practices and event correlation, as well as experience with network equipment syslog data, Windows Event Log, and application (database, web server, DNS, DHCP) log analysis.
  • Leads the implementation of security policies, procedures, and best practices.
  • Leads the implementation of security standards and guidelines such as ISO/IEC 27001, CIS benchmarks, Cobit, and NIST.
  • Strong problem-solving and trouble-shooting skills
  • Able to effectively analyze risk within the context of business problems.

 QUALIFICATIONS

  • BS degree required, ideally in Computer Science, Information Systems or other related field; advanced degree preferred
  • 5+ years of relevant experience in IT Security 
  • Ability to communicate in writing or orally with all levels of the operation.
  • Ability to develop and maintain strong internal relationships.
  • Experience with incident response and digital forensics required.
  • Experience with vulnerability assessment methods, risk analysis, penetration testing, operating system and network auditing required.
  • Strong attention to detail required. 
  • Vendor neutral technical certifications (such as SANS certification) preferred.
  • Vendor sponsored and professional certifications (CISSP, CISA, CCNP, Certified Ethical Hacker) 

 

 We are an EEO Employer.
