Safariland


IT Security and Compliance Director


Job ID: 2017-2029
# of Openings: 1
Job Locations: US-FL-Jacksonville
Posted Date: 12/21/2017
Category: Information Technology
Employee Type: FT - Regular Full-Time
Position Level: Executive


Overview

The IT Security and Compliance Director will be responsible for the development and implementation of the organization's cybersecurity strategy. The Director must be able to translate risk requirements and constraints of the business into technical control requirements and specifications, as well as develop metrics for ongoing performance measurement and reporting. This position will also coordinate the IT organization's technical activities to implement and manage security infrastructure, and provide regular status and service-level reports to management. The individual is expected to interface with peers in IT, as well as with leaders across the business, both to share the company security vision and to solicit their involvement in achieving higher levels of enterprise security through information sharing and cooperation. This position will also be responsible for working with the business and IT stakeholders to balance real-world risks with business drivers such as speed, agility, flexibility and performance.

Responsibilities

  • Develop and implement the IT Security and Compliance strategy across The Safariland Group. Responsible for the planning and design of the enterprise security architecture.
  • Work with IT Leadership to develop and manage IT Security’s annual budget.

  • Responsible for the creation and maintenance of enterprise security documents, including but not limited to policies, standards, baselines, guidelines and procedures.

  • Manage the day-to-day activities of threat and vulnerability management, identify risk tolerances, recommend treatment plans and communicate information about residual risk.

  • Ensure audit trails, system logs and other monitoring data sources are reviewed periodically and are in compliance with policies and audit requirements. Perform and/or oversee internal audits.

  • Design, coordinate and oversee security testing procedures, including vulnerability testing, penetration tests, and security audits, to verify the security of systems, networks and applications, and manage the remediation of identified risks.

  • Coordinate, develop and/or perform regular security awareness training to ensure consistently high levels of compliance with enterprise security documents. Support the creation/distribution of security awareness monthly newsletters.

  • Vendor relationship management: ensure that service levels and vendor obligations are met.

  • Develop, implement, and manage the security incident reporting policy and process

  • Participate in the design, maintenance and testing of an enterprise Business Continuity Plan and Disaster Recovery Plan

  • Maintain up-to-date detailed knowledge of the IT security industry including awareness of new or revised industry standards, regulatory requirements, risk assessment techniques, security solutions and trends, improved security processes and the development of new attacks and threat vectors.

  • Direct a staff of highly skilled professionals and coordinate resources with other management personnel across the enterprise.

Qualifications

Required Experience

  • At least seven (7) to ten (10) years of experience in the information technology field
  • Five (5) years in an enterprise-wide security role

Required Education

  • Bachelor's Degree in Computer Science, Business Administration, or related fields
  • Must have one or more of the following certifications:

    • Certified Information Security Manager, CISM

    • Microsoft Certified Systems Engineer: Security, MCSE Security

    • Certified Information Systems Security Professional, CISSP

    • Certified Common Security Framework Practitioner, CCSFP

Knowledge, Skills, & Abilities

  • Must have international security / data compliance experience

  • Knowledge of PCI and SOX compliance preferred

  • Excellent client relation, verbal, written and interpersonal skills

  • Ability to identify priorities and manage tasks