Director of Information Security Position- NJ



cshea@gothamtg.com
2007-10-25, 17:05
An Information Security Director is responsible for assuring the proper execution and reporting of the Information Security strategies, programs, policies and standards associated with the corporation and the business.

Accountabilities:

-An Information Security Officer ensures the execution of Information Security (IS) program elements and IS directives/initiatives, works with the business and assists in the interpretation of IS requirements, identifies/communicates IS risks, ensures that security assessments and techniques are included in the System Development Life Cycle, and validates that appropriate controls are in place for day-to-day operations.
-Provide Program Management for Disaster Recovery and Business Continuation Planning.
-Information Security Officers also ensure that issues and statuses are reported with appropriate supporting documentation and artifacts, facilitate awareness and training programs, and ensure compliance with the corporate IS standards and practices.
-An Information Security Officer, working under the oversight of Information Security Management, may work independently or may provide oversight to a small team of less experienced Information Security Officers.
-An Information Security Officer may on occasion work under the guidance of the Corporate Compliance officer on complex initiatives.
-An Information Security Officer assists in the creation of the processes and procedures used to govern the work of the IT organization.
-Executes IS program elements and IS directives developed by corporate, IS business heads and Corporate Compliance, including implementation of policies, completion of associated deliverables and communication of the initiatives within the respective businesses.
-Establishes procedures and methodologies to proactively review and analyze business critical systems and applications for proper information security controls, including classification of data. Represents IS during audits/examinations.
-Performs security assessments on core business processes, 3rd party vendors, service providers and affiliates in accordance with IS standards and policy.
-Conducts the review and verification portion of entitlement reviews and other access/entitlement IS components to ensure the completion of activities and compliance to associated guidelines and policies.
-Participates in the building permit, engineering and application reviews to ensure information security standards, guidelines and practices are being followed.
-Acts as a member of the Security Incident Response Team in the investigation and reporting of IS incidents.
-Participates in other Governance and IT related initiatives involving Corporate compliance and other Centers of Excellence.


Qualifications:

-Bachelor's degree in Computer Science, Management Information Systems or related field.
-Minimum of 10 years computer experience
-Minimum five years of security experience and familiarity with SOX process, compliance, and remediation.
-Experience in the pharmaceutical industry and solid understanding of PDMA compliance and other industry regulations.
-Familiarity with security policies and procedures as well as security technologies
-Strong business acumen.
-Technical project management experience
-Experience managing a diverse technology team
-Experience building consensus with cross functional teams
-Ability to work in both an individual and team environment, while performing multiple tasks in limited timeframes
-Demonstrated ability to influence clients, team members, and management and external groups.
-Superior oral and written communication
-Strong interpersonal and organization skills are required.

Desired:
-Six Sigma Green belt certification
-Program Management experience
-Knowledge of US security and privacy laws
-Solid experience with network technologies