Senior (5+ years of experience)
AVP of IT Security
Our Client is looking for an Assistant Vice President of IT Security to implement systems access and data security policies and standards that ensure a stable and secure systems operating environment. The AVP of IT Security will be responsible for ensuring the development and execution of effective technical security requirements and controls for all Application Development projects.
Develop and implement security policies and procedures to control user identification, authentication, and access to databases, internet, applications, networks, mainframe and servers.
Develop operational review practices to facilitate proper security design and testing in new software releases and Application Development projects.
Ensure the development and execution of effective technical security requirements and controls for all Application Development projects.
Ensure security controls meet compliance and best practice standards (i.e. Sarbanes-Oxley, PCI, etc.). Promote security awareness programs to support the corporate strategy.
Contribute to the proper design, maintenance and execution of the Incident Response Plan.
Evaluate security threat management policies, practices and tools.
Work with senior management to determine acceptable levels of risk for enterprise computing platforms. Partner with other IT departments and business groups to understand
user needs for access to data and applications.
Review and evaluate projections on resources needed for IT Security projects (i.e. capital costs, head counts, contractors, etc.)
Review IT Security project portfolio to ensure appropriate prioritization.
Manage staff and develop them for future growth within the department and organization.
Proactively research security/compliance changes in governmental/industry regulations or best practices that may affect security policies.
Knowledge of Information Security best practices.
Knowledge of Information Security systems including firewalls, SIEM platforms, vulnerability testing, and virus protection. Knowledge of a broad range of technologies
including client server operating systems, midrange and mainframe systems.
Knowledge of regulatory environment (Sarbanes Oxley, PCI).
Job keywords/tags: Security , CISSP , Sarbanes-Oxley , AVP