- DUTIES AND RESPONSIBILITIES
The Director of Information Security will be responsible for developing, implementing, and managing the organization's security strategy and programs. This role involves overseeing all aspects of information security, risk management, compliance, and incident response to protect the company and its clients from cyber threats. The ideal candidate will possess strong leadership skills, deep technical knowledge, and a proactive approach to security management.
Specific responsibilities may include:
- Develop and execute a comprehensive security strategy that aligns with the company's business objectives and client needs.
- Establish and maintain security policies, standards, and procedures to ensure compliance with industry regulations and best practices.
- Conduct regular risk assessments and vulnerability assessments to identify and mitigate security risks, both internal and for customers / partners.
- Oversee the implementation and management of all security technologies,
- Develop and maintain incident response plans and coordinate responses to security incidents, including investigations and reporting.
- Ensure the continuous monitoring of security systems and the timely detection and response to security events.
- Create and maintain security playbooks and runbooks to standardize and streamline security operations and incident response.
- Ensure the effective delivery of managed security services, including the response to security incidents.
- Collaborate with other departments and partners to integrate security measures into all aspects of operations.
- Provide regular reports on the status of the security program to senior management and clients.
- Stay up-to-date with the latest security trends, threats, and technologies, and recommend enhancements to the security program.
- Manage relationships with external security vendors and service providers.
- Support and participate in the organization’s Continual Improvement Program to conform to ISO 27001:2013 requirements by complying with the Information Security Policy and procedures and meeting ISMS objectives.
- Understand the implications of not conforming with ISMS requirements.
- All employees have a professional duty to bring up to the IS Department, Top Management, or their Supervisor, any information security issues or incidents or situations that present potential security risks.
- Other duties as assigned.
- REQUIREMENTS
- EDUCATION AND TRAINING
- Bachelor's Degree
- EXPERIENCE, KNOWLEDGE AND SKILLS
- Five to ten years of Cybersecurity, Information Security, or similar professional experience
- Relevant certifications such as CISSP, CISM, CEH, and others
- In-depth knowledge of security frameworks
- In-depth knowledge of various industries’ compliance frameworks such as ISO 27001, SOC 1-2, NIST, PCI-DSS, GDPR, and HIPAA.
- Extensive experience creating and maintaining security policies across the OSI layer
- Strong and proficient technical knowledge & experience in cybersecurity tools, technologies and solutions
- Excellent people skills, with an ability to partner with a dynamic leadership team
- Strong communication and relationship-building skills
- Strong background in cybersecurity operations
- Implementing and managing cybersecurity measures
- Flexible with the ability to work within an ambiguous, fast-moving environment, while also driving toward clarity and solutions
- Capable of successfully multi-tasking while working independently or within a group environment
- Capable of working well under pressure while dealing with unexpected problems in a professional manner
- Ability to work well in a cross-functional team environment
- Must have excellent organization and prioritization skills
- Possess personal qualities of integrity, credibility and commitment to M7 Services’ mission
- PHYSICAL AND SAFETY REQUIREMENTS
- Reasonable accommodations are made to enable individuals with disabilities to perform essential job functions.
- Sitting, bending, standing, walking, 8-10 hours per day.
- Able to lift up to 50 lbs. and reach with hands and arms.
- Must comply with any safety or PPE requirements.
- Exposure to production environment.