Director, Information Security Job Description

The Information Security Director establishes and administers the overall strategies and procedures for the information security function. Develops and implements information security and disaster recovery programs in accordance with organizational information security standards. Evaluates information risk on a regular schedule and promotes information security awareness within the organization. Requires a bachelor’s degree or its equivalent. The Information Security Director typically reports to top management and manages a departmental sub-function within a broader departmental function. Creates functional strategies and specific objectives for the sub-function and develops budgets, policies, and procedures to support the functional infrastructure. Requires deep knowledge of the managed sub-function and solid knowledge of the overall departmental function. The role typically requires 5+ years of managerial experience.

Director, Information Security Job Description Template

Our company is looking for a Director, Information Security to join our team.

Responsibilities:

  • Increase and maintain visibility of our systems and data;
  • Deploy security technologies and program enhancements;
  • Research and establish technical security standards, processes, and workflows that ensure quality and operational effectiveness;
  • Oversee appropriate sanctions for failure to comply with the corporate privacy policies and procedures;
  • Ensure policies, procedures, and protocols are being executed and provide leadership, training, and guidance to staff members;
  • Ensure compliance with security standards and completion of mandated enterprise security projects;
  • Prepare technical reports for executive leadership;
  • Evolve the nH vulnerability management program to meet growth needs;
  • Evaluate cyber security threats, risks, vulnerabilities, and processes to determine relative risk to the product, system, and organization;
  • Lead or commission suitable information security awareness, training, and educational activities;
  • Actively monitor the regulatory and legislative landscape for changes in requirements to protect the security and privacy of regulated data;
  • Grow capabilities in regard to Data Loss Prevention;
  • Ensure that Xanterra maintains its PCI compliance status through;
  • Lead or commission information security risk assessments and controls selection activities;
  • Develop and report performance metrics that demonstrate business impact and risk reduction.

Requirements:

  • At least one of the following qualifications strongly desired: CISSP, CISM, GIAC;
  • Strong problem solving, conflict resolution and negotiation skills;
  • Highly collaborative with the ability to influence and work with many internal stakeholders;
  • Must be able to travel up to 10%;
  • An entrepreneurial drive to find and solve problems;
  • Experience in establishing cybersecurity and risk metrics for reporting;
  • Understanding of Network/Security Engineering.