Job Details

Email to Friend Save Back

Director of IT Risk & Information Security

NEW YORK-10011, NY, US
03/28/2019

-

Required Skills

Security Frameworks

Company

Infinity Consulting Solutions, Inc

Experience

10 to 12 Year(s)

Job Description

Director of IT Risk & Information Security

Midtown NYC

Investment Banking Client

$170K-$180K base + bonus

This is a hands-on Director level role leading a team of 4 engineers and reporting to the CISO/CTO.

The candidate will be responsibie for developing a strategic vision and roadmap in order to enhance/update current Information Security/Risk/Business Continuity/Disaster Recovery plans.

We are looking for a candidate who can implement new technolgies and build upon the IT foundations already established.

Responsibilities

Responsible for following established guidelines and identifying and resolving problems.

Individual at this level is expected to be an expert and owner on all Information/Cyber Security/IT Risk initiatives.

Must have recent hands-on experience with some of the key security technologies—IDS, SIEM, DLP, Firewalls, Vulnerability Management, Endpoint Security; SSL intercept etc.

Understanding of Security Frameworks, such as: NIST 800-53, ISO/IEC 27000, FFIEC CAT

Work with relevant internal IT Application, Infrastructure, Network and Support teams to ensure that security controls are implemented at all significant and relevant phases of all IT processes

Ensure that the IT systems are compliant with applicable regulations, group policies, codes and industry guidance, e.g. performing gap analyses between standards such as SANS
Top 20, NIST 800-53, ISO 27001, and the Information Security Framework. Where gaps are identified, assist in implementation of controls

Manage a team of 4 engineers

Develop budgets and long-term vision of group

Present to senior leadership at the C level

Train and develop employees

Review security event log data and investigate anomalies

Perform monitoring activities and risk assessments

Respond to, and where appropriate, resolve or escalate reported security incidents

Implement Business Continuity and Disaster Recovery plans

Management of security related events and tracking of remediation process

Implement and support information security solutions including security architectures,
change/configuration management, and the integration of security products as needed

Develop and maintain documentation for security systems and procedures and processes.
Develop security awareness training for new employees

Participate in information security working groups

Perform testing to evaluate new products for network and system security controls

Maintain logging and monitoring standards, technical investigative techniques and reporting

Maintain project scheduling and task follow on security initiatives

Qualifications

Bachelor’s Degree in Computer Science or related field

Experience managing a team within the financial services space

At least 10 years of relevant experience in IT Risk and Security including:

Cybersecurity solutions and protection

System vulnerability tools

Security monitoring tools

Disaster Recovery

Business Continuity Plans

Application security risk assessment tools

Creating effective technical educational programs

Performing gap analyses within different environments coupled with an in depth
understanding of regulatory guidelines as well as standards and best practices related to ISO and NIST.

Excellent communication and presentation skills are a must

Experience implementing and bringing new technologies to a team is a plus

Any of the following certifications is a plus: SSCP, CISM, CISA, or CISSP