About the Position:

Cologix is hiring for a Director IT Security who will be responsible for designing, implementing, and continually improving the security solutions identified in the organization's security program to ensure that all information assets and associated technology, applications, systems, infrastructure, and processes are adequately protected.

You will be responsible for day-to-day security operations including supporting and maintaining a wide range of information security products that monitor and provide compliance across the digital assets owned, controlled and/or processed by the organization.

The Director IT Security must be knowledgeable with the operation, maintenance and functionality of firewalls and endpoint security systems. The ideal candidate is dedicated and passionate about cyber security technologies and is constantly learning and evolving to have awareness of current hacking techniques and cybercrime and keeps pace with the industry's latest trends to address these threats.

What you do daily:

• Be the focal point for security incident response planning, execution, and awareness. Respond to and troubleshoot security incidents, and provide on-call support
• Responsible for providing strategic direction and compliance of Customer Identity and Authentication
• Leads, develops, and maintains technology policies, processes, procedures, and key metrics related to all internal and cloud systems
• Leads a high performing team of security professionals, including building individual development plans and performance reviews.
• Manages professional relations with employees, vendors, and clients in respect to information security circumstances
• Understands SRE and Security principles to ensure the best availability and safety of our customers
• Deep understanding of identity systems, security threats, code validation tools, cryptographic algorithms
• Identifies and ensures implementation of best practices, policies, standards, baselines, guidelines, and procedures
• Responsible for the identification, investigation, and resolution of security incidents
• Participates in the planning, design, and testing of enterprise security architecture, as well as disaster recovery & business continuity
• Updates and enhances security policies and procedures
• Recommends additional security solutions or enhancements to existing security solutions to improve overall enterprise security posture
• Participates in the design and execution of vulnerability assessments, penetration tests and security audits
• Develops and implements security strategy for the organization. Advises executive leadership on the security vision that is aligned to organizational priorities and enables and facilitates the organization's business objectives
• Develop, socialize, implement, and support a multi-year technical roadmap of products and architectural approaches to secure our Hybrid cloud/on premise environments
• Works collaboratively with internal stakeholders and partners to create a comprehensive roadmap and implement in a phased approach to realize the overall roadmap
• Identifies, evaluates, and reports on cybersecurity risk related to assets. Performs an inventory of information assets and maintains the asset repository
• Develop and maintain the Information Security Incident Response Playbook(s). Perform annual tabletop exercises integrating critical functions across the organization in the Incident Response Playbook
• Coordinates with auditors in the execution of audits. Develops a strategy for handling audits and external assessment processes for relevant regulations
• Provides support for HIPAA, GDPR, CCPA and other privacy policies across a global footprint and staying current on relevant security regulations, laws, and technologies
• Evaluate, test, and assist in the selection of manual and/or automated security control solutions that promote safeguarding of assets, including monitoring compliance with approved processes
• Responsible for conducting training and communications plans and programs which includes security awareness programs, security training, and security training compliance
• Provides strategic and tactical security guidance for all IT projects, including the evaluation and recommendation of technical controls
• Participates in the planning, design, and testing of enterprise security architecture, as well as disaster recovery & business continuity
• Balance information security activities with business priorities through prioritization of security risk and mitigation activities.
• Updates and enhances security policies and procedures

What makes you a good fit: (Qualifications)

• 12+ years of experience in a security operation center environment, 6+ year experience in managing Security Operations team
• Experience and Knowledge of audit and compliance management methodology
• Deep experience with penetration testing and remediation process
• Has experience running embedded security engineers in development teams to educate and grow knowledge of good coding practices
• Strong understanding of the ISO 27001/27002 and NIST frameworks
• Working knowledge of global data privacy rules and regulations
• Strong writing skills and communication skills
• Demonstrated ability as an effective leader and change agent
• Demonstrated ability to think strategically and make effective and timely decision
• Preferred Certifications:
  • CISSP: Certified Information Systems Security Professional
  • CCSP: Certified Cloud Security Professional
  • CCNA: Cisco Certified Network Associate Security
  • CCNP: Cisco Certified Network Professional Security