Director Of Information Security
AGM Tech Solutions - A Woman and Latina-owned IT Staffing Firm-an Inc. 5000 company - New York City, NY
Apply NowJob Description
This is a contract to hire role. Please no third partiesThe roleSeeking a Director of Information Security to lead our cybersecurity initiatives and ensure the protection of our digital assets, systems, and data. Reporting directly to the Chief Information Officer, this position will drive the development and implementation of a comprehensive security strategy that aligns with our business goals. The director will focus on identifying and mitigating risks, ensuring compliance with regulatory requirements, and fostering a culture of security awareness across the organization. This position will play a critical role in shaping the security posture of cutting-edge technologies and immersive experiences. This includes leading incident response efforts, managing security operations, and advising leadership on emerging threats and best practices. If you are a strategic thinker with a passion for cybersecurity and innovation, this is your opportunity to lead a high-impact function in a dynamic, forward-thinking company.What you'll doDesign, implement, and oversee the company's comprehensive cybersecurity strategy to protect systems, data, and operations. You will be responsible for identifying, assessing, and mitigating security risks while ensuring compliance with industry regulations and standards.Develop and maintain a robust security architecture that includes network security, endpoint security, and cloud security in partnership with Product and Engineering teams.Establish and maintain security policies, procedures, and standards to safeguard both on-premise and cloud-based environments, aligning practices with the company's growth and innovation goals. Collaborating with cross-functional teams, you will integrate security into business processes and technology initiatives, ensuring that security considerations are prioritized throughout.Establish and manage the security operations center (SOC), monitoring for threats, and leading incident response efforts to quickly and effectively address potential breaches. You will develop a robust incident response plan, conduct regular drills, and analyze root causes to prevent future incidents.Oversee vulnerability management programs, including regular assessments, penetration tests, and patch management, to ensure systems remain resilient and secure. Additionally, you will evaluate emerging threats and implement proactive measures, such as secure architecture designs, endpoint protection strategies, and employee training programs to enhance security awareness across the organization.Work closely with vendors and service providers to evaluate and implement cutting-edge cybersecurity technologies that enhance the client's security posture.Communicate effectively with executive leadership and the board, providing regular updates on security metrics, risks, and strategic initiatives, and ensuring alignment with the company's overall objectives.What you'll bringEducation: Bachelor's degree in Computer Science, Information Security, or a related field.Cybersecurity Certifications and Technical Skills: Certifications like CISSP, CCSP, or equivalent, demonstrating expertise in security architecture, vulnerability management, and securing complex environments.Security Technologies: Experience with security technologies, such as firewalls, intrusion detection systems, and encryption.Experience with security orchestration and automation tools, such as SOAR and SIEM.Industry Knowledge: Strong understanding of emerging security threats and trends, such as AI and machine learning.Advanced Security Knowledge: Deep expertise in firewalls, VPNs, secure protocols, encryption, and threat mitigation, ensuring a strong security posture and protection of critical business assets.Cloud Security Proficiency: Experience securing hybrid and multi-cloud environments (AWS, Azure, GCP), integrating cloud security best practices into existing infrastructures.Leadership and Collaboration: Strong leadership and interpersonal skills, with the ability to lead cross-functional teams and align security strategies with organizational goals.Risk Management and Problem-Solving: Skilled in identifying, assessing, and mitigating security risks, with the ability to analyze threats and resolve security incidents quickly.Vendor and Stakeholder Management: Experience managing vendor relationships to ensure security tools and services meet performance and budget expectations, and collaborating with internal teams to align security efforts with business needs.Documentation and Communication: Expertise in documenting security policies, incident reports, and compliance metrics, with the ability to communicate complex security concepts to both technical and non-technical stakeholders.Adaptability and Continuous Improvement: Thrive in dynamic environments with a continuous improvement mindset, adapting to emerging threats and ensuring security systems evolve with the company's needs.Experience with SD-WANFamiliarity with Software-Defined Wide Area Network (SD-WAN) solutions to optimize connectivity and streamline the management of security across branch offices.Automation and Scripting SkillsExperience with automation tools (e.g., Terraform, Python) to enhance security operations, automate incident response, and streamline security task management.Security Framework KnowledgeIn-depth understanding of security frameworks and protocols (e.g., NIST, CIS, ISO2007 etc.), including experience with network segmentation, access controls, and advanced threat detection systems.Wireless Security ExpertiseExperience in designing and securing enterprise-level wireless networks, including Wi-Fi 6 and other emerging wireless technologies.Cloud Security KnowledgeFamiliarity with cloud-native security technologies and best practices for securing hybrid and multi-cloud environments, ensuring comprehensive protection across platforms.Disaster Recovery ExperienceExpertise in designing and implementing network and security disaster recovery strategies to ensure business continuity in the event of failures or security incidents.Performance Monitoring ToolsExperience with security monitoring and management tools (e.g., SolarWinds, Nagios, PRTG,GCP Logs Explorer, Prometheus, tcpdump) to assess and optimize security posture and incident response times.Network Security Load BalancingKnowledge of load balancing technologies and techniques for maintaining high availability and security in network infrastructure.Vendor Negotiation ExperienceExperience negotiating contracts and managing relationships with cybersecurity vendors, hardware providers, and service providers to ensure the best value and performance.ITIL KnowledgeFamiliarity with ITIL frameworks for improving IT service management processes and ensuring the efficient delivery of security services.Emerging Technology ExposureFamiliarity with emerging cybersecurity technologies such as 5G, edge computing, IoT, and their implications for enterprise security architectures.
Created: 2025-01-15