Director of Information Security

---

Job description

Director of Information Security

OVERVIEW:

• You will be working directly with the engineering team on the code of actual working cryptosystems.
• You must have direct, hands-on experience with fundamental cryptographic algorithms and how cryptosystems are built for privacy, integrity, or authentication/identity.
• Demonstrating your vision, domain expertise, and strong leadership skills, you will help shape the next generation of products and services while justifying the continued trust our clients and consumers have placed with us to ensure their private information is kept secure, while enabling regulatory compliance.
• The Director of Information Security is responsible for maintaining the data compliance framework, identifying major risk factors (product, compliance and operational) for the company, and technical leadership related to both product security as well as operational security.
• We are looking for relevant, collaborative leadership experience, proven execution ability, and deep technical information security experience as key indicators of success for this role.

RESPONSIBILITIES:

• The day-to-day role of the Director of Information Security role includes developing, defining, maintaining, and revising company compliance policies, procedures, and systems, as well as liaising with different compliance authorities where we operate or wishes to operate.
• Develop and drive implementation of near- and long-term security strategy and goals in alignment with business objectives and culture.
• Partner across (and with external teams as needed) to ensure that security is designed into our products and processes from the early stages.
• Prepare and present accurate and timely information in response to audits and client inquiries; institute a proactive culture to align activities and measurement with internal policy and regulatory requirements.
• Oversee management of information security tools, contracts, documentation, standards, and processes to ensure an operating environment that is sound, sustainable, and compliant with company policies and requirements
• Advocate for all company security-related issues, across enterprise.
• Resolve security resource requirements including budget, staff, training needs, and prioritization.
• Work with senior stakeholders, where appropriate, to embed security expertise in other functions.
• Provide expert counsel and mentorship to senior leadership (including on occasion the board of directors) on security and its impact across business strategy, programs, products/services, and operations.
• Develop and drive security risk analysis, mitigation, and remediation plans.
• Plan for and lead security incident response and recovery efforts.
• Evolve capability to monitor threats and vulnerabilities as well as detect, investigate, respond to, and recover from incidents.
• Own all documentation, process, and training surrounding disaster recovery abilities.