Director of Information Security

San Francisco, CA 94133

Post Date: 04/25/2018 Job ID: 95155 Job Category: Engineering
 
Title of Job:  Director of Information Security

Company Description:  Ecommerce platform

Location:  San Francisco

SF based mega Ecommerce platform is looking for a Director of Information Security to develop security strategies and programs  as they continue in accelerated growth.  This leader will have a  strong background in information security to take responsibility for the following initiatives:

Responsibilities: 
  • Develop an information security strategy aligned with business goals and objectives.
  • Align information security strategy with corporate governance.
  • Establish a process for information asset classification and ownership.
  • Implement a systemic and structured information risk assessment process.
  • Identify current and potential legal and regulatory requirements affecting information security.
  • Specify the activities to be performed within the information security program.
  • Manage internal and external resources (e.g., finances, people, equipment, systems) required to execute the information security program.
  • Ensure that processes and procedures are performed in compliance with the organization’ s information security policies and standards.
  • Ensure  performance of contractually agreed (i.e. with joint ventures, outsourced providers, business partners, customers, third parties) information security controls.
  • Develop and implement processes for preventing, detecting, identifying, analyzing and responding to information security incidents.
  • Establish escalation and communication processes and lines of authority.

 

Requirements:
  • CISA, CISSP, or CISM certification(s).
  • AWS/Cloud experience required.
  • B.S. degree or equivalent. Business, Computer Science, Information Assurance, Information Security, or Information Systems a plus.
  • Min  7 years of experience in information security, at least 5 years of experience working in an I.S. Security management role in a large, multi-platform I.S. computing environment.
  • Deep knowledge of regulatory/compliance requirements.
  • Direct support for  Security Information Event Management products, enterprise logging +  developing & managing correlation rules, filters, trends, and reporting.
  • Experience with operation of large enterprise security management tools such as IDS/IPS, DLP, WAF, firewalls, NAC, etc.
  • Experience with Threat Intelligence, Threat Analysis and Incident Response.
  • Demonstrated ability to build bridges between I.T., Development, Accounting, Marketing, Sales, and Support teams.
  • Strong understanding of the full SDLC and deployment of applications with adherence to security standards.

 

Reports to: VP of Engineering

Salary:  DOE

Not ready to apply?

Send an email reminder to:

Share This Job:

Related Jobs: