Are you a Director, IT Security professional with experience from an IT or Security consulting firm? Do you have 8+ years experience in developing, implementing or architecting information security systems? If so, read on and let's talk.
•Manage IT Security projects involving strategy, implementation, support, and software/hardware optimization related to security, privacy and business resilience.
•Review and re-design security profiles to assess and improve how application security is being used as a part of the overall control environment.
•Provide guidance and advise project teams in developing and enhancing IT security controls and resolving identified deficiencies within the IT department of our clients. The Director will recommend IT solutions that balance client resource constraints with the need to mitigate risk.
•Security strategy - Assess, design and implement a security strategy and governance program framework that describes the process, controls, organization and infrastructure to manage information security related concerns.
•Security implementation - Design, implement and integrate security solutions to address enterprise risks and exposures.
•Security governance - Design and implement security policies, procedures and standards that describe pragmatic, risk-based mechanisms to maintain the confidentiality, integrity and availability of information systems and the data processed therein.
•Security monitoring - Design and implement security solutions to monitor the efficiency and effectiveness of security operations, controls and infrastructure.
•Oversee successful project completion by prioritizing manager and senior tasks.
•Responsible for negotiating the scope of the work, bill rates and budgets for recurring projects at existing clients.
•Responsible for maintaining and building the client relationships.
- Bachelor’s degree from an accredited college/university in an appropriate field
- Hands-on knowledge of ISO27001, PCI-DSS, COBIT and Privacy Regulation requirements is required.
- A minimum of 8+ years of related work experience in developing, implementing or architecting information security systems with a strong understanding of information security regulatory requirements and compliance issues
- Extensive knowledge base in operations, systems evaluation and architecture
- Experience in process definition, workflow design and process mapping
- Knowledge of general security concepts and methods such as vulnerability assessments, privacy assessments, intrusion detection, incident response, security policy creation, enterprise security strategies, architectures and governance
- Understanding of networking (TCP/IP, OSI model), operating system fundamentals (Windows, UNIX, mainframe), security technologies (firewalls, IDS/IPS, etc.) and application programming/scripting languages (C, Java, Perl, Shell)
- Demonstrated ability to develop new engagement opportunities in the information security advisory space; and the ability to contribute to the development of client deliverables and technical content
- Strong existing relationships within the Information Security or IT executive ranks (e.g., CIO, CISO, Director of Information Security, SVP and VP of Information Security)
- Project management of information security projects including development of project charters and plans; management of project execution and successful implementation of the planned solution