Director of Information Security (JVN-544516) New York City, NY
Title: Director of Information Security
Job Type: Permanent
Primary Location: New York City, New York
Vignetic is looking for a Director of Information Security who will have a wide breadth of information security experience, specifically in security operations, architecture, advisory, and management to be our Director of lnformation Security. This candidate will have a strong background in understanding complex distributed systems that interact, receive and exchange data with multiple partner sources and be able to identify, manage, and remediate any risks that can impact the organization. The ideal candidate will have a balanced approach of security and business operations and is able to translate technical risk to business impact.
Role & Responsibilities:
- Partner with key stakeholders in the business to identify, assess, aggregate and document risks and controls, including risks associated with new or modified products, services, distribution channels, regulations, and third-party operations.
- Present findings to various levels of leadership concerning the status of system risk or failure because of installations, upgrades and modification and the cost or impact to business operations.
- Contribute to the implementation of new risk policies, practices, and solutions to ensure holistic understanding and management of risks according to industry best practice.
- Enhance strategies, tools, and methodologies to measure, monitor, and report data risks.
- Support the formulation of stress test plans for a line of business or the enterprise including the evaluation of results and framing of contingency plans in partnership with key business stakeholders.
- Supervise and guide a team of Senior Security Analysts to optimally perform their duties to secure the operational integrity from internal and external threats.
Essential Skills & Qualifications:
- A baccalaureate degree from an accredited college and four years of satisfactory full-time experience related to projects and policies required by the position; or
- Education and/or experience which is equivalent to “1” above.
- Experience in the performance of analytical, planning, operational and technical review in the movement of information across the network.
- Knowledge of emerging technology and the security governance implications.
- Demonstrated understanding of cyber security risk management concepts, cybersecurity frameworks, control standards, and security technologies.
- Strong background in various flavors of operating systems (Windows, Linux, UNIX) and databases (Oracle, DB2, MySQL, MongoDB).
- Strong understanding of various security solutions (Cisco FirePower, BlueCoat, Rapid7, Palo Alto, Crowdstrike, Imperva, Nessus, McAfee, Tanium, Splunk, Wireshark, etc.)
- Experience with application forensic tools (Veles, DNSpy, IDA, CyberChef, etc.)
- Experience designing, architecting, troubleshooting, and deploying various security technologies while minimizing the business impact that can occur from the implementation of active security technologies.
- Experience managing Information security operations teams.
- Excellent skills with MS products (Project, Word, Excel, PowerPoint, Access, and Visio).
- Excellent written and oral communication skills and proven analytical skills.
- Demonstrated ability to develop and maintain project management metrics.
- Flexible and able to conform to shifting priorities.