#R3466
d direct activities of the Information Security and Technology Compliance in support of business operations;
Increase and maintain visibility of our systems and data;
Oversee the deployment of cybersecurity technologies and cybersecurity program enhancements;
Oversee operations for technology compliance reporting [Including but not limited to SOX; PCI; SEC]
Ability to develop policy, plans, and strategy in compliance with laws, regulations, policies, and standards in support of organizational cyber activities
Assist in the oversight of financial budget operations
Ensure compliance with security standards and completion of mandated enterprise initiatives and security projects;
Develop and report performance metrics that demonstrate business impact and risk reduction.
Prepare technical reports for executive leadership;
Evolve the cybersecurity vulnerability management program to meet growth needs;
Evaluate cyber security threats, risks, vulnerabilities, and processes to determine relative risk to the product, system, and organization;
Lead management of key third-party security vendors providing SaaS services
Ability to conduct research and establish cybersecurity relevant positions to mitigate risk and promote operational effectiveness
Ability to interpret and apply laws, regulations, policies, and guidance relevant to organization cyber objectives.
Ability to prioritize and allocate cybersecurity resources correctly and efficiently.
Leads or commissions suitable information security awareness, training and educational activities;
Education and/or Experience
Bachelor's degree in Information Technology or similar technical field
10+ years of relevant cybersecurity
5+ years of utilization of industry cybersecurity frameworks
3+ years of direct leadership of compliance reporting [featuring SOX and PCI]
5+ years of people leadership experience
Skills / Specialized Knowledge
In-depth understanding of industry standards, frameworks, and regulations related to cybersecurity (e.g., NIST, ISO, GDPR, MITRE, CIS, Cloud Security Alliance).
Ability to research and grasp emerging security concepts
Strong interpersonal, conflict management and communication skills
Effective documentation and reporting skills
Excellent written and verbal communication skills
Strong ability to manage tasks; schedule and organize priorities
Required Licenses or Certifications
CISSP [active] - preferred
CRISC; C|CISO; CISM; ITIL - recognized
Other Requirements
Travel to IH Market offices as required, amount of up to 30%.
Must maintain professional appearance.
Ability to be at work on a regular and consistent basis; On-call availability may be required for this position.
Physical and Mental Demands
This position will spend long hours sitting and using office equipment and computers. The position may also entail light lifting of supplies and materials occasionally, up to and including 20 pounds in addition to reaching, stooping, standing, and walking. This position requires the ability to talk, hear, compare, compute, compile, copy, analyze, coordinate, synthesize, negotiate and communicate. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential job functions.
Work Environment
Standard office working environment that may be busy and noisy at times.