Director of IT Risk & Information Security
NEW YORK-10011, NY, US
03/28/2019
-
Required Skills
Company
Infinity Consulting Solutions, Inc
Experience
10 to 12 Year(s)
Job Description
Director of IT Risk & Information Security
Midtown NYC
Investment Banking Client
$170K-$180K base + bonus
This is a hands-on Director level role leading a team of 4 engineers and reporting to the CISO/CTO.
The candidate will be responsibie for developing a strategic vision and roadmap in order to enhance/update current Information Security/Risk/Business Continuity/Disaster Recovery plans.
We are looking for a candidate who can implement new technolgies and build upon the IT foundations already established.
Responsibilities
Responsible for following established guidelines and identifying and resolving problems.
Individual at this level is expected to be an expert and owner on all Information/Cyber Security/IT Risk initiatives.
Must have recent hands-on experience with some of the key security technologies—IDS, SIEM, DLP, Firewalls, Vulnerability Management, Endpoint Security; SSL intercept etc.
Understanding of Security Frameworks, such as: NIST 800-53, ISO/IEC 27000, FFIEC CAT
Work with relevant internal IT Application, Infrastructure, Network and Support teams to ensure that security controls are implemented at all significant and relevant phases of all IT processes
Ensure that the IT systems are compliant with applicable regulations, group policies, codes and industry guidance, e.g. performing gap analyses between standards such as SANS
Top 20, NIST 800-53, ISO 27001, and the Information Security Framework. Where gaps are identified, assist in implementation of controls
Manage a team of 4 engineers
Develop budgets and long-term vision of group
Present to senior leadership at the C level
Train and develop employees
Review security event log data and investigate anomalies
Perform monitoring activities and risk assessments
Respond to, and where appropriate, resolve or escalate reported security incidents
Implement Business Continuity and Disaster Recovery plans
Management of security related events and tracking of remediation process
Implement and support information security solutions including security architectures,
change/configuration management, and the integration of security products as needed
Develop and maintain documentation for security systems and procedures and processes.
Develop security awareness training for new employees
Participate in information security working groups
Perform testing to evaluate new products for network and system security controls
Maintain logging and monitoring standards, technical investigative techniques and reporting
Maintain project scheduling and task follow on security initiatives
Qualifications
Bachelor’s Degree in Computer Science or related field
Experience managing a team within the financial services space
At least 10 years of relevant experience in IT Risk and Security including:
Cybersecurity solutions and protection
System vulnerability tools
Security monitoring tools
Disaster Recovery
Business Continuity Plans
Application security risk assessment tools
Creating effective technical educational programs
Performing gap analyses within different environments coupled with an in depth
understanding of regulatory guidelines as well as standards and best practices related to ISO and NIST.
Excellent communication and presentation skills are a must
Experience implementing and bringing new technologies to a team is a plus
Any of the following certifications is a plus: SSCP, CISM, CISA, or CISSP
Information Architect
Information Technology
No Preference
FullTime Job
Other
1
Candidate Requirements
-
Bachelors
Walkin Information
-
-
-
Recruiter Details
Doug Klares
1350 Broadway, Suite 2205,
NEW YORK-10018, NY,
US
-