Director, It Security Jobs

Job Summary:
This position is accountable for IT security for the Americas region. Specifically, assists with the design, deployment, documentation, integration and initial configuration of all new security solutions and any enhancements to existing security services in accordance with standard best operating procedures. Manages the administration of all security systems and their corresponding or associated software, including firewalls, VPNs, intrusion detection, incident response, cryptography, content filters, and anti-malware systems. Creates and propagates security awareness and training programs among employees. Oversees change control processes and security governance for the region. This position will be key to the execution of the overall security strategy that is developed for the region. Manages and supports a Security Analyst as part of the IT Security department team.
Primary Duties & Responsibilities:
Manages and directs IT security services for the Shiseido Americas region.
Development, Support, and Monitoring of Regional / Global Security Infrastructure program
Responsible for PCI and PII compliance, including providing oversight for vendors providing QSA services and driving remediation plans and processes.
Demonstrates an understanding of comprehensive regional /global security programs, including technologies and tools, architectures and network and application design, and policies / business aspects of risk.
Demonstrates expertise performing IT Risk & Security assessments and developing information security strategies and appropriate policies.
Recommends security solutions to assist with the assessment and improvement of Shiseido Networks security infrastructure as well as demonstrate a strong understanding of the IT security landscape, including emerging risks and security solutions.
Translate business needs and regulatory requirements into risk appropriate controls to successfully implement security policies, standards, and guidelines.
Develops, implements, manages, advises, surveys, or audits all security programs, policies, and procedures.
Develops training and awareness efforts for employees, contractors, and visitors to establish a “culture of care” to prevent or mitigate security incidents.
Develops metrics to measure the effectiveness and efficiency of all security programs and personnel.
Acts as lead or technical support for major incident investigations involving security related issues.
Ensures adherence to protocols for 24x7x365 response and notifications for alarms, emergencies, or critical incidents.
Analyze complexity and feasibility of new or changed requirements.
Maintain documentation relevant to operations (high and low-level designs, operation manual, installation guide, etc.)
Is responsible to integrate 3rd party security software into Shiseido (off the shelf or on behalf development within Shiseido)
Qualifications & Competencies:
At least 7 - 10 years’ experience working in a progressive information security operations or engineering group.
Bachelor’s or Advanced degree in Security Engineering, Computer Science, or related field
Strong knowledge of application architectures, enterprise architecture, release methodologies, project management, technical support, production support, client/server applications, internet/ intranet applications, and SaaS computing
Outstanding collaboration and team building skills. Strong written and verbal communication skills.
Proven hands-on experience with firewalls and knowledge of IP networking and network security including Intrusion Detection, DMZ, encryption, IPSec, PKI, VPNs, MPLS/VPN, Site to Site VPN tunnels, SSL/VPN, proxy services, secure SD-WAN and DNS operations.
Knowledge of ZScaler Zero Trust & CyberArk Privilege Access, a PLUS.
Extensive PCI, PII and Data Classification knowledge, preparation, mitigation, remediation, and overall readiness.
Azure cloud architecture and Landing Zone methodology knowledge.
Cloud security and administration experience.
Splunk experience, a PLUS
Ability to oversee SOC managed services.
CISSP certification preferred
Hands On Qualys, Microsoft Sentinel and LogRhythm experience desired.
CASB experience and knowledge.
Vulnerability management.
Hands on Email and Web Filtering Administration.
Hands on with security investigation and analysis.
Proven record in an IT Security Engineering role.
Planning and implementing comprehensive security strategies.
Gathering security intelligence and implementing preventative measures.
Developing work schedules, allocating tasks, and monitoring personnel performance.
Coordinating responses to emergencies and alarms, as well as compiling incident reports.
Preparing surveillance equipment maintenance schedules and facilitating repairs in a timely manner.
Keeping abreast of new technologies and advancements in security services.
Ensuring compliance with company policies and security industry regulations.
#LI-Remote #Nylaw
Shiseido is an Equal Opportunity Employer and does not discriminate on the basis of race, color, gender identity, religion, sex, age, national origin, disability, veteran status, sexual orientation, genetic information or any other classification protected by Federal, State or Local law
Salary :
$125,993 - $209,988/ year