Job Description

The Director of Information Security willlead our enterprise-wide information security program. This role is responsible for developing and implementing robust security strategies, managing risk, ensuring regulatory compliance, and fostering a culture of security awareness across the organization. The ideal candidate will bring deep technical expertise, strong leadership capabilities, and a proactive approach to managing evolving cybersecurity threats.

Leadership and Strategy

• Direct and lead the information security team, establishing and implementing enterprise-wide security strategies and procedures.
• Mentor and develop team members, promoting a culture of continuous improvement, accountability, and innovation.
• Serve as a trusted advisor to business units, providing guidance on security risks and mitigation strategies.
• Align security initiatives with business goals and risk tolerance.

Operational Management

• Conduct and oversee comprehensive risk assessments, audits, and vulnerability analyses across the organization.
• Develop, implement, and enforce security policies, standards, and procedures aligned with frameworks such as   NIST ,   ISO 27001 , and   CISA .
• Ensure compliance with data protection laws and industry regulations including   GDPR ,   HIPAA ,   SOX , and   PCI DSS .
• Provide regular reports and updates to executive leadership on the status of the information security program and emerging threats.
• Maintain strong collaboration with Development, Infrastructure, and Network teams, as well as business units, to ensure alignment and integration of security objectives.
• Lead the response to security incidents, ensuring timely investigation, containment, and resolution. Maintain and test incident response plans.
• Stay current on evolving cybersecurity threats, technologies, and best practices.

• Bachelor’s degree in Information Security, Computer Science, or a related field; Master’s degree preferred.
• Minimum of  10 years   of experience in information security, with at least  5 years   in a leadership role.
• Strong knowledge of cybersecurity frameworks and standards (e.g.,   ISO 27001 ,   NIST ,   CIS ).
• Proven experience in   risk management ,   incident response , and   regulatory compliance .
• Relevant certifications such as   CISSP ,   CISM , or   CISA   are highly desirable.
• Deep technical expertise in areas such as   network security ,   application security , and   cloud security .
• Proficiency in security tools and platforms including   SIEM ,   vulnerability management , and   endpoint protection .
• Excellent communication and interpersonal skills, with the ability to engage and influence stakeholders at all levels.
• Strong analytical and problem-solving skills with the ability to manage multiple priorities in a fast-paced environment.
• Experience in developing and managing budgets for security initiatives.
• Awareness of emerging cybersecurity threats, threat intelligence, and threat hunting techniques.

#li-EG1

Job Tags

Similar Jobs