Director of Information Security Job
Job Description Job Attributes+
Fremont, CA 94538, US
Management - Technical
CTH or Perm
Blackstone Talent Group, an award-winning technology consulting and talent agency is seeking a Director of Information Security to join our team at our client’s site in Fremont, CA.
The ideal candidate is an InfoSec leader who will be instrumental in building a security compliance framework that scales to worldwide offices. The Director will be involved in projects and issues of high complexity that require an individual who can rapidly move from concept to implementation.
- Reporting to Vice President IT, the Director of Information Security will be responsible for delivering operational
- excellence by defending the organization against global cybersecurity threats.
- Director Information Security is accountable for the security of Information Systems and Products.
- Defines and implements strategy and programs to safeguard Products, Information Systems Infrastructure, business systems and data from external attack and internal leakage.
- Develop, prioritize and executes on the roadmap that mitigates overall cybersecurity risks, strengthen defences and reduce security exposures for Information Systems and Enphase Products.
- The Director will be responsible for creating, testing, improving, and implementing cybersecurity policies.
· Own, Develop and Implement Policies and Systems for data use, information security architectures across the enterprise, inclusive of customer and client's IP protection protocols.
· Develop a risk strategy that identifies and classifies risks, defines appropriate tolerances, prioritizes mitigation activities, and measures risk levels at regular intervals.
· Leads Security Operations functions that include incident response & management, escalation of security events, vulnerability scanning, security defect management, Red Team exercises, etc.
· Architect, implement and expert utilization of information security tools.
· Monitor, Analyze emerging technology risks and adapts approach to balance the enterprise risk profile
· Oversee high-risk initiatives and serve as a point of escalation for remediation and mitigation efforts
· Establish process and works with the management on disciplinary actions in response to security incidents.
· Conducts formal enterprise risk assessment as input to board-level decision making
· Defines physical security and business continuity requirements in support of the cybersecurity program
· Coordinates with Legal and Human Resources functions to ensure regulatory compliance of our information systems and data protection, globally, including but not limited GDPR, CCPA, SOX and SOC
· Drives security awareness training programs for the organization, ensuring that all employees, contractors and approved system users are trained on information security and their contribution to risk mitigation
· Maintains relationships with key external stakeholders to stay current with emerging requirements and industry trends
· Manage Security Operations Center with 3rd Party vendors.
· Recruit, Develop, and retain a highly qualified team of Information Security professionals in support of our global footprint
· Solid understanding of cyber threat profiles and mitigation solutions in the areas of R&D / Labs, Manufacturing and Supply Chain, Customer Data
· Executive-level analytical processing and presentation skills
· Highly proficient in modern project management techniques
· Bachelor's degree in Information Security, Computer Science, Information Management Systems, or related field required. Master’s degree preferred.
· 15+ years in Information Security
· CISSP certification required (Certified Information Systems Security Professional)
· GIAC GSEC certification ideal (Global Information Assurance Security Essentials Certification)
· Expert level proficiency in DLP, DRM and Mobility Solutions
· Demonstrated experience with formal risk assessment frameworks (CIS, NIST, etc)
· Hands-on experience with Information Security tools is plus
· Ability to pull up the sleeves and drive the solution implementation when needed
· Strong knowledge of current and emerging cybersecurity risks and innovative risk management method.
· Design and develop an information security roadmap that aligns and scales with the growth of the organization.
· Lead security testing and assessment processes
· Manage compliance activities.
· Understanding and implementation of GDPR, CCA and SOC is plus.
Blackstone Talent Group is a division of Blackstone Technology Group, a global IT services and solutions firm that implements technological solutions across commercial industry verticals and the US Federal Government. Blackstone’s global talent augmentation practice was founded in 1998. Blackstone Talent Group has offices in San Francisco, Denver, Houston, Colorado Springs, and Washington, DC. We specialize in providing clients the best talent across a variety of industries and sectors.
EOE of Minorities/Females/Veterans/Disabilities
Who We Are
Founded in 1998, Blackstone Talent Group is one of three divisions of Blackstone Technology Group. The other two divisions are Blackstone Federal, a premier engineering + transformation agency that serves the federal government, and Trellis Energy, the largest transaction management software firm fully dedicated to serving the natural gas industry. Blackstone Technology Group is a privately-held global IT services, solutions and resourcing firm. Headquartered in San Francisco, Blackstone now has more than 300+ employees across five offices nationwide. Blackstone Technology Group’s mission is to help clients adapt to the demands of a digital world, and has garnered an impressive track record of delivering successful results to a client list that includes Fortune 100 businesses and US federal, state and local government.
WHAT WE DO
We provide contract, permanent and managed resource services to our clients. We source for commercial businesses and non-profits, as well as government clients requiring security clearances from public trust through multiple levels of top secret. Some of our skill specialties are IT, IT Operations, Engineering, Accounting and Finance, and Executive Search.
HOW WE DO IT
Our team never stops building connections with talent. And our network of fully-vetted, ready-to-work professionals allows us to provide exceptional speed and accuracy in our resource delivery that is unmatched in the industry. With a relationship-first engagement approach, we most often become a trusted partner with our clients and operate as an extension of their organizations.