2018-05-04

IT Security Director
Job Opportunity at Kyler Professional Search

Posted on May 4

http://www.kylerprofessionalsearch.com    412-420-0061

Location: Pittsburgh, PA
Job Type: Full Time
Job ID: W4158979

Our client is a fast growing company in the retail space with close to $3B revenue and 240 stores in 30 states.  The IT Security Director will play a key leadership role in the companies growth.

Overview:
                    
This position is responsible for developing security strategy and implementing security systems and protocols that safeguard and comply with established policies, procedures and standards of the specified area of IT. This position is responsible for managing risks related to information security, policy development and enforcement, identity management, crisis management, privacy and compliance with the Payment Card Industry Data Security Standards (PCI DSS). Actively collaborates across IT and business areas within area of specified responsibility to ensure successful results of designated initiatives are achieved. 
 
Responsibilities:
  • Develops and implements information security standards, processes and procedures, and guidelines for the enterprise
  • Management, development and maintenance of a portfolio of Information Security systems/technologies/processes
  • Manages data outputs of security monitoring tools and proactively drives appropriate security measures to protect the enterprise and end users.
  • Performs as subject matter advisor and may serve as point of escalation and become actively involved, as required, to meet schedules and resolve security problems highly complex in nature.
  • Creates an information security awareness program to ensure staff members across the organization understand the policies and procedures related to information security
  • Manages issues proactively, including timely resolution and the identification of remediation opportunities. Identifies and resolve systemic issues to prevent them from repeating.
  • Develops and proposes options with pros/cons and risk, and works with stakeholders to finalize the best solution that meets business needs.
  • Work with system administrators and application developers to audit, monitor and validate their environment’s security, including conducting gap analysis and other comprehensive internal assessments of existing systems to improve the security infrastructure and mitigate risks.
  • Position will have direct responsibility for PCI security deliverables.
  • Establish, document, and distribute security incident response and escalation procedures to ensure timely and effective handling of all situations.
  • Leading the security assessment, risk analysis, and implementation of solutions identified as necessary solutions with developing security policies, procedures and staff training programs required for compliance with regulatory requirements
  • Lead the develop of risk based approach to prioritizing work and building information security roadmap
  • Monitor, distribute and analyze security alerts and information.
  • Maintain Intrusion Detection/Prevention System.
  • Research new vulnerabilities and malicious software, reviewing the company’s potential exposure to each.
  • Perform vulnerability testing and analysis on all network assets and applications/projects
  • Analyze access control requests, making informed decisions about appropriate access.
  • Ability to identify, develop and ensure maintenance of security reporting metrics to support key decision makers
  • Conduct research on emerging products, services, protocols, and standards in support of systems software procurement and development efforts.
  • Perform network, server and end user security audits.
  • Establishes all security measures to support disaster recovery efforts.
  • Propose, implement and manage portfolio of security tools and processes to support and protect the enterprise.
Required Qualifications
  • Minimum 7+ years’ experience in a management role running the information security office, analyzing and applying information security, risk management, and privacy practices
  • Computer Science or Business Administration degree
  • This is a full-time position that provides Security support, on a 24 x 7 schedule.
  • Proven track record and experience in developing information security programs, policies and procedures, including successful implementations in large enterprise environments.
  • Payment Card Industry (PCI), PII, COBIT/ISO experience preferred.
  • CISSP certification is preferred
  • Experience using time management skills such as prioritizing/organizing and tracking details and meeting deadlines of multiple projects with varying completion dates.
  • Experience analyzing and reporting data in order to identify issues, trends, or exceptions to drive improvement of results and find solutions.
  • Experience identifying operational issues and recommending and implementing strategies to resolve problems.
  • Good written and oral communication skills.
 
ITManagementCentral.com is owned, operated, and copyrighted by Career Marketplace (© 2002-2019, All Rights Reserved)
CAREERMARKETPLACE INC BBB Business Review