Director of Information Security

Remote, USA
OraSure Technologies – IT & Information Services / Full-Time / Remote
Reporting to the Vice President, Information Technology, the Director of Information Security is responsible for establishing and maintaining appropriate components of an enterprise-wide information security program to assure information assets are adequately protected and information risks are managed appropriately.
 
The position provides leadership and oversees day-to-day operations and activities related to the creation and delivery of security projects, including planning and managing complex multi-year projects and associated initiatives designed to improve the company’s overall information security program.

Snapshot of Responsibilities

    • Develop and advance company information security policies, standards, procedures and tools to assure the company remains compliant with industry standards (which may include CIS, GDPR, PCI, HIPAA, etc.).
    • Evaluate Cyber Risk across company systems, both on-premise and cloud; develop prioritized implementation plans for compliance with policies and standards.
    • Evaluate and Manage Security Vendor relationships: Managed Security Services, Internal and External Penetration Testing, Incident Response, Cyber Maturity, and other cybersecurity partners and vendors.
    • Develop and report business-relevant metrics to measure the efficiency and effectiveness of the Information Security Program.
    • Design and Manage Vulnerability Detection and remediation.
    • Keep abreast of industry trends and current emerging risks. Advise the company on security best practices.
    • Perform reviews of security infrastructure configurations including firewall, intrusion detection, web filtering, SIEMs, DLP, application whitelisting across sites and develop common standards.
    • Develop and lead appropriate table-top exercises. Incorporate lessons learned into the security program.
    • Review alerts (based on your defined alert parameters) on a daily basis and act accordingly.
    • Manage user cyber security training and phishing programs.
    • Manage spam filtering and rules to balance risk with business needs.
    • Assist the company with customer facing security requests and audits, including SOX.
    • Assist the company with cyber-insurance applications and reviews.

What You Bring

    • BA/BS Degree in Cyber Security, Information Systems, or relevant work experience required.
    • 5+ years of experience in a dedicated cyber security role is required.
    • 5+ years of experience in a leadership capacity of technical or cross-functional teams.
    • CompTIA Security+ certification required.
    • Certified Information Systems Security Professional Certification (CISSP) or Certified Information Security Manager Certification (CISM) is an asset.
    • Knowledge of cyber security frameworks, e.g. NIST, CIS.
    • Understanding of these technologies: Network topology, Firewall, Anti-Virus, Anti-Malware, Intrusion Prevention Systems, Endpoint Detection & Response, Identity Access Management, Privileged Access Management, Web Content filtering solutions, DLP Technologies, Web Application Firewalls, SIEM (Security Information and Event Management) Solution.
    • AWS, Azure and Google Cloud Platform Security experience.
    • IT Process (e.g., ITIL) and System Development Life Cycle experience.
    • Ability to work independently with minimal supervision or function in a team environment sharing responsibility, roles, and accountability.
    • Knowledge of networking, including remote user VPN client connectivity support.
    • Experience managing a Disaster Recovery plan.
    • Excellent oral and written communication skills at technical and leadership level.
    • Strong interpersonal and organizational skills.
    • Must be a team player, be organized and have the ability to handle multiple projects.
The base salary range for this full-time position is $129,000 - $233,000 USD. In addition to base salary this position is eligible for participation in our annual bonus program. The range displayed on the job posting reflects the minimum and maximum base salary for the position, based on our defined salary pay ranges. Our ranges are broad to account for differences in roles, performance, experience, skillsets, education and business needs and individual pay is determined by a variety of factors. We offer a comprehensive Total Rewards package, as noted below.