Director of Information Security

Advantage Tech is searching for a Director of IT Security, for a well-established company in Kansas City, MO.

 

GENERAL PURPOSE OF THE POSITION:  Under limited supervision, the Director of Information Security is responsible for developing and maintaining the Firm’s information security and compliance program to ensure information assets are adequately protected.  Specific responsibilities include, but are not limited to, working with Firm leaders to facilitate solutions that bring about acceptable levels of residual risk; performing internal security audits, and managing other security and risk management projects, as necessary.

PRIMARY FUNCTIONS AND RESPONSIBILITIES:

  • Articulate the security agenda to business leadership
  • Analyze and document information security risks
  • Assess and continually improve security capabilities based on frameworks
  • Coordinate, document, and oversee HIPAA compliance activities
  • Coordinate, document, and oversee ISO27001 compliance activities
  • Document, test, and evaluate information security controls
  • Manage vendor relationships related to information security
  • Create and maintain information security  policies, procedures, and standards
  • Lead Computer Security Incident Response Team (CSIRT)
  • Document and respond to security incidents
  • Assess client requirements for information security and advise company leadership on impacts
  • Coordinate all security audits for the company including client audits and internal and external security assessments
  • Represent the company in threat intelligence and information sharing activities
  • Monitor industry best practices and trends
  • Create and execute information security strategy for the company
  • Supervise and transfer knowledge to information security staff and vendors as applicable
  • Represent information security in the company's project teams
  • Develop security requirements for projects
  • Manage information security risks related to the company's suppliers
  • Partner with business areas to improves security practices
  • Coordinate and oversee annual security awareness training
  • Educate IT management team on current and emerging issues in information security
  • Coordinate the maintenance of business continuity plans
  • Report information security activities
  • Lead by example; establish clear expectations; set direction and priorities; keep staff informed of all appropriate information; delegate at appropriate level.
  • Facilitate the development of staff by providing opportunities and support; provide timely feedback on work product; regularly coach, evaluate, and recognize staff performance and accomplishments.
  • Establish/adhere to Department budget; seek opportunities to improve department efficiency and reduce expenses.
  • Manage to budget objectives.

 

EDUCATION AND EXPERIENCE:

This job will require:

  • Bachelor's degree from four-year college or university, minimum 7  years of  Information Technology experience, or equivalent combination of education and experience.
  • A minimum of 5 years of experience in IT security and/or related functions, (e.g., IT audit and IT Risk Management) including a combination of compliance, auditing, and knowledge of ISO 27002 framework.

 

OTHER QUALIFICATIONS AND REQUIREMENTS:

To perform the job successfully, an individual must demonstrate the following knowledge skills and abilities:

  • Demonstrated knowledge and understanding of relevant information security compliance and regulatory requirements
  • Demonstrated experience with Information Security controls and related technologies such as intrusion detection systems, vulnerability scanning systems, authentication systems, Windows systems, application level security, network flow-based monitoring tools and distributed denial of service mitigation methodologies
  • Proficient understanding of IP network design/operation in both LAN and global WAN environment and experience with information security internal and external audits, contract compliance, and quality initiatives
  • Ability to adapt to change and balance competing demands
  • Ability to read, analyze, and interpret business and professional publications; prepare business correspondence, proposals and reports; effectively present information to groups of employees; and respond to questions from employees, managers, clients and vendors.
  • Ability to define problems, collect data, establish facts, and draw conclusions
  • Excellent verbal and written communication skills
  • Analytical ability and problem solving skills
  • Ability to work effectively in a team-oriented IT environment
  • Ability to work independently
  • Ability to manage multiple projects
  • Ability to effectively interface with clients
  • Supervisory skills
  • People management skills
  • Interpersonal skills
  • Leadership skills
  • Strategic thinking
  • Self-starter
  • Project management skills
  • Planning/organizational skills

 

COMPUTER SKILLS:

  • To perform this job successfully, an individual must have a conceptual understanding of the operation of Microsoft Operating Systems, Active Directory, SQL, Cisco technologies, computer operations and network design topology.
  • Experience with Information Security controls and related technologies, such as intrusion detection systems, vulnerability scanning systems, authentication systems, Windows systems, application level security tools, and distributed denial of service mitigation methodologies.
  • Experience working with Microsoft Word, Excel, PowerPoint, Project, & Visio applications.

 

CERTIFICATES, LICENSES, REGISTRATIONS:

Required: Certification of Information Systems Security Professional (CISSP), Certified information Systems Auditor (CISA), Certified Information Security Manager (CISM) or similar credentials

 

 

Advantage Tech is proud to be recognized as Kansas City Business Journal’s #1 locally owned IT staffing firm. We are passionate about delivering world-class service and value to our clients.  Advantage Tech’s customized recruiting model enables us to place consultants locally and nationally. Our clients want the best candidate at the most reasonable rate within a set timeframe; that’s precisely what we provide them.  We go even further.   Our consultant retention program gives our clients the added comfort our people will perform well and finish the project.

Please visit advantagetech.net to learn more about our culture, benefits and career opportunities

#advantagetech

Submit Resume