HAYS: Sr Director Information Security

The end client is unable to sponsor or transfer visas for this position; all parties authorized to work in the US without sponsorship are encouraged to apply.

An American company is seeking a Sr Director Information Security in Los Angeles, CA.

Role Description

The Senior Director Global Information Security provides subject matter expertise and guidance in establishing, overseeing and coordinating information security throughout the enterprise and in ensuring compliance with Payment Card Industry Data Security Standard (PCI DSS), Global Privacy Acts/Mandates, and other security requirements.

The Sr. Director is involved in the design, development, and monitoring of the company’s security landscape, including all administrative, technical and physical controls.

Execute the planning, implementation and management of an enterprise-wide adherence to and documentation of all information security policies, procedures and processes.

Review new or modified PCI DSS requirements and other federal and state laws pertaining to information security to determine if new policies and procedures are needed; and monitor related "best practices" and emerging security technologies for potential application.

Adhere to and achieve regulatory Information Technology (IT) and Security compliance standards including PCI DSS, European Union (EU) GDPR and CCPA, US State privacy regulations, and Sarbanes-Oxley (SOX) Compliance.

Employ generally accepted risk identification and evaluation methodologies to perform periodic cybersecurity risk assessments and gap analysis, implement risk treatment processes and determine specific needs for cybersecurity policies and procedures.

Serve as an independent auditor for information security processes.

Knowledge of NIST Cybersecurity Framework required.

Oversee the development and delivery of appropriate information security training/awareness to all members of the workforce, including employees, contractors, temporary employees, business associates and other third parties.

Develop and manage the organization’s information security compliance monitoring program.

Monitor internal control systems to ensure that appropriate information access levels and security clearances are maintained.

Initiate, facilitate and promote activities to foster information security awareness within the organization.

Certify that information technology systems meet predetermined security requirements.

Consult with users to determine hardware and software functional specifications for security systems.

Serve as the information security liaison for Human Resources to perform investigations.

Monitor and proactively address cybersecurity risks that could affect the global IT computing environment.

Review and approve all system-related information security plans throughout the organization.

Respond to all IT and business unit requests in a timely manner.

Skills & Requirements

8+ years working in a complex IT security environment with Public Key Infrastructure, High Security Modules (HSM), Intrusion Prevention System (IPS) and Intrusion Detection System (IDS) security appliances, problem diagnosis and security optimization in a large enterprise.

Familiarity with Payment Card Industry Data Security Standard (PCI DSS) and IT General Controls (ITGC).

Familiarity with SOX general operating controls.

Required Licenses or Certifications: Relevant industry certifications in the security and technical fields (e.g., CISSP, CISM, CRISC, and CGEIT).

Certification in Information Security field is a must.

Bachelor’s Degree in Computer Science, Information Technology, Engineering or a related discipline.

Security technology including firewall, intrusion prevention, web filtering, log monitoring, and data loss prevention.

Security concepts including network segmentation, demilitarized zones, tiered architecture, and encryption.

Work independently without close supervision.

Must be a critical thinker with the ability to come up with original and/or creative security ideas.

Strong relationship management to work/consult with users.

Strong ability to interpret impact of security choices.

Preferred: Active Directory, networking, encryption, policy and procedure writing.

Experience with PCI DSS compliance and surrounding technologies preferable.

Why Hays?

You will be working with a professional recruiter who has intimate knowledge of the Information Technology industry and market trends.

Your Hays recruiter will lead you through a thorough screening process in order to understand your skills, experience, needs, and drivers.

You will also get support on resume writing, interview tips, and career planning, so when there’s a position you really want, you’re fully prepared to get it.

Nervous about an upcoming interview? Unsure how to write a new resume? Visit the Hays Career Advice section to learn top tips to help you stand out from the crowd when job hunting.

Hays is an Equal Opportunity Employer.

Drug testing may be required; please contact a recruiter for more information.

#1120883
