Director Information Security, Biso

IntelePeer helps customers communicate better, faster and smarter, through its Communications Automation Platform. Our low- and no-code solutions provide customers with simple, easy-to-use tools that can be utilized by anyone. Powering automation through AI and analytics, IntelePeer provides industry-leading time-to-value and rapid time to improved customer experiences with solutions that work seamlessly with existing business software and infrastructure. For more information, visit: www.IntelePeer.com.

We provide a fast-paced, innovative, and casual environment that people love to work in, designed to broaden a candidate's professional experiences while promoting self-confidence, accomplishment, and career development.

POSITION RESPONSIBILITIES:

• Develops and implements information security and disaster recovery programs in accordance with the organizational information security standards.
• Creates and reports timely and accurate departmental metrics.
• Evaluates information security risk on a regular time schedule and promotes information security awareness within the organization.
• Communicates information security requirements and risk throughout the company and provide direction on risk mitigation and compliance.
• Supports corporate due diligence requests, client audits and related contractual reviews.
• Provides training to move security habits into the business and especially into technological departments.
• Provides information security program leadership to direct the program's staff in their duties and as needed throughout other departments to guide their information security efforts.
• Establishes and administers the overall strategies and procedures for the information security program.
• Analyzes, communicates, and enforces all security controls identified for our company's information security compliance requirements.
• Develops policies and procedures in accordance with corporate goals and compliance requirements.
• Performs risk management assessments, develop mitigation plans and communicate risk to leadership.
• Participates in and lead information security audits.
• Performs Business Impact Analyses and Business Continuity Plan tests.
• Reports to top management on the state of information security risk and creates functional strategies and specific objectives to achieve information security goals.
• Stays current on cyber security trends and news.
• Develops policies and procedures in accordance with corporate structure and compliance requirements to direct information security practices.

REQUIREMENTS:

Education:

· A technical 4-year degree in computer science, computer information systems, or engineering is recommended, but substantial experience can be substituted.

Expertise & Experience:

• Proficiency with using a PC, VPN, MS Office, Atlassian Confluence and Jira, and other business software is required.
• Exposure to security frameworks: PCI-DSS, COBIT, ISO 27000, NIST SP-800 Series, NIST Cyber security framework.
• Exposure to data privacy regulations: HIPAA, CCPA, EU GDPR.
• 10 or more years of experience in information security.
• Experience in the area of software development is a plus.

Competencies:

• Knowledge of intrusion detection and prevention systems.
• Change management processes, procedures, and tools.
• Knowledge of virus and malware behavior, and response methodologies.
• Use of Minimum Baseline Standards and Configuration Management.
• Strong interpersonal skills are needed to be successful. Senior analysts work with company staff, clients and vendors and regularly communicate with engineers, developers, management, and executive leadership.
• Cloud based infrastructure as a service and software as a service.
• Understanding of patch management with the ability to work with DevOps and Engineering teams to deploy patches in a timely manner while understanding business impact.
• Senior analysts are self-motivated and possess business acumen to determine priorities and solutions.
• SANS GSE, GISP, GSEC, GCED, GISF, GCIA, GCCC or GSNA.
• Hands on experience with common security tools and security distributions.
• Secure Software Development Life Cycle (SSDLC)
• Scanning and penetration testing tools that test networks, computers, web-based applications, and other systems to detect vulnerabilities.
• Information security control frameworks such as NIST, ISO, and PCI-DSS.
• A background in software development would be helpful.
• Information security privacy regulations such as HIPAA, CCPA and EU GDPR.
• Network protocols, network devices, server operating systems, middle-ware systems, and secure architectures.
• Director Information Security Preferred Certifications: ISC2 CISSP, SSCP or CCSP.
• Security information and event management (SIEM) systems and centralized logging methodologies.

Why You Will Love it Here:

• Free snacks, fun events (virtual and in-person when we can again)
• A value-based culture where growth opportunities are endless
• Generous paid time off
• Legal coverage and other supplemental options
• 401K
• Competitive medical, dental & vision coverage
• Company-paid life insurance
• Company-paid short-term and long-term disability

Compensation

• The starting pay range for a candidate selected for this position is generally within the range of $145, 000 - $157,500 for annual base salary. Employees are eligible for additional discretionary bonuses. The successful candidate’s actual pay will be based on various factors, such as work location, qualifications, and experience, so the actual starting pay may be above or below this range.

Any requests to exercise your rights as a data subject under GDPR should be submitted to [email protected] for prompt processing. Please refer to our Privacy Policy (at www.intelepeer.com/privacy/intelepeer-privacy-policy) for any questions on how IntelePeer complies with GDPR.

For California residents only: Please refer to the link below for IntelePeer’s Applicant CCPA Privacy Notice. https://intelepeer.com/privacy/intelepeer-california-applicant-privacy-notice/