
Director Information Security

OneBlood
United States, Florida, Orlando
Dec 05, 2024


Job ID: 2024-13923

Location: Orlando - Main

Geographic Location: US-FL-Orlando



Overview

Plays an integral part in the development, implementation, and compliance of technical security across the enterprise. Responsible for managing risks related to information security, network security, physical security, business continuity planning, crisis management, privacy, and compliance. In addition, ensures all staff members are trained on enterprise and governmental security requirements through awareness programs.



Responsibilities

The list of essential functions, as outlined herein, is intended to be representative of the duties and responsibilities performed within this classification. It is not necessarily descriptive of any one position in the class. The omission of an essential function does not preclude management from assigning duties not listed herein if such functions are a logical assignment to the position.

  • Develops and implements security standards, policies, processes, procedures, and guidelines for the enterprise
  • Ensures security compliance with industry and government rules and regulations
  • Coordinates with technology and business groups to assess, implement, and monitor IT-related security risks/hazards
  • Understands the trade-offs required to manage various levels of risk tolerance and risk exposure across the organization and balance this with risk investments
  • Establishes metrics and a reporting framework to measure the efficiency, effectiveness, and maturity level of the program
  • Evaluates security trends, evolving threats, risks, vulnerabilities and improvement opportunities
  • Investigates security incidents; leads the immediate response and escalation; drives improvements in incident identification and response capabilities
  • Ensures security complies with and meets all service level agreement requirements
  • Creates an information security awareness program to ensure staff members across the organization understand the trade-off between risk and return
  • Understands "voice of the customer" and develops mechanisms to proactively sense adoption and usage patterns of consumer technologies by end users so that policy can align with need
  • Co-chairs the Information Systems Steering Committee (ISSC)
  • Performs on-call responsibilities and after-hours duties as necessary


Qualifications

To perform this job successfully, an individual must be able to perform each essential duty and responsibility satisfactorily. The requirements listed below are representative of the knowledge, skill, and/or ability required.

EDUCATION AND/OR EXPERIENCE:

Bachelor's degree in Information Systems, Security, Business, Engineering, or related field from an accredited college or university; supplemented by ten (10) or more years of experience in an IT Technical and/or Management position, including at least three (5) years of supervisory or management experience or an equivalent combination of education, certification, training, and/or experience.

CERTIFICATES, LICENSES, REGISTRATIONS AND DESIGNATIONS:

CISM (Certified Information Security Manager) or equivalence required, or CISA (Certified Information Security Auditor) or equivalence required, and CISSP (Certified Information Systems Security Professional) or equivalence preferred in a combination of two or more of the above listed certifications.

KNOWLEDGE, SKILLS AND ABILITIES

  • Professional experience in running the information security office analyzing and applying information security, risk management, and privacy practices
  • Ability to lead, influence and motivate others in cross-disciplinary, virtual, integrated teams in a collaborative fashion
  • Ability to influence and to drive consensus and adoption of complex strategies and concepts
  • Knowledge and experience in complex systems, platform engineering, servers/storage, network and data center operations
  • Knowledge in information security management and systems monitoring tools
  • Knowledge of information security best practices
  • Knowledge and experience in IT/IS within a healthcare or non-profit organization
  • Knowledge of national and international regulatory compliance requirements and frameworks such as ISO, NIST, COBIT, ITIL, SOX, BASEL II, EU DPD, HIPAA, and PCI DSS
  • Excellent public speaking skills in front of small and large groups, including executive-level company officers
  • Ability to travel 20% of the time
  • Ability to commute with personal transportation

PHYSICAL REQUIREMENTS

The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job. Ability to exert light physical effort in sedentary to light work, which may involve some lifting, carrying, pushing and/or pulling of objects and materials of light weight (up to 20 pounds).

ENVIRONMENTAL REQUIREMENTS:

The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job. Functions are regularly performed inside without potential for exposure to adverse conditions, such as dirt, dust, pollen, odors, fumes and/or poor ventilation, wetness, humidity, rain, temperature and noise extremes, machinery and/or moving vehicles, vibrations, electric currents, animals/wildlife, toxic/poisonous agents, gases or chemicals, oils and other cutting fluids, violence and/or disease, or pathogenic substances.

OneBlood is an Equal Opportunity Employer/Vet/Disability/Other Protected Categories
