Lucas Group has partnered with a data science company seeking a Director for their IT Security Team. This role is primarily responsible for ensuring that the client’s platform is secure, compliant, and available. The Director of Cyber Security serves as a member of the Information System Security Team and participates in the Change Advisory Board.
The Director of Cyber Security is also responsible for helping to set security practices, evaluating new technologies and frameworks, identifying ways to improve the security posture, achieve and maintain
SOC II and HITRUST compliance and mentoring and leading new team members. The Director of Cyber Security is a self-starting team-player with exceptional troubleshooting and communication skills.
Duties and responsibilities
- Manage the Information Security Program for the business to ensure that security controls are in place to adequately protect data and monitored regularly for compliance with established policies, standards, and contractual obligations.
- Manage 3rd party audits and vendor engagements such as HITRUST, SOC2 Type II annual audit, and 3rd party network penetration tests. Work closely with other teams to remediate risk findings.
- Lead the Security Group whose purpose is to review and maintain the risk management roadmap priorities and monitor their implementation. The committee is comprised of key management positions including members of the executive management team.
- Provide support to the Sales team to complete information security RFI’s. Lead customer audits and provide responses that assures the customer that customer data is adequately protected.
- Administer established IDS/IPS software and system monitoring processes. Review the reports monthly and provide remediation plans.
- Assist with the creation and execution of the technology team’s annual roadmap and initiatives.
- Develop security awareness and HIPAA training programs for employees.
- Mentor, challenge, and grow your peers on the technology team.
- Other duties as assigned.
- Requires a bachelor's degree in a Computer or Engineering related discipline
- Minimum of 7-10 years' experience performing IT and security related duties.
- 3+ years of experience mentoring peers or serving in a leadership role (e.g., team lead)
- Certifications in CISSP, CISA, CISM, CCSP/CCIE, GIAC is preferred but not required.
- Expertise in security threats, vulnerabilities, defenses, principles and policies.
- Technical experience in the areas of security requirements analysis, security
- Architecture, security testing, security operations and maintenance and the security economics.
- Knowledge of applicable data privacy practices and regulatory requirements (HIPAA, SOC2, HITRUST).
- Advanced knowledge of networking/distributed computing environment concepts.
- Advanced knowledge of firewalls, intrusion detection systems, anti-virus software, data encryption, and other industry-standard techniques and practices.
- Advanced technical knowledge of network, PC, and platform operating systems, including Cisco, Fortinet, Microsoft and Linux.
- Advanced ability to work independently, work in a fast paced environment, and manage workload prioritization to deliver high quality work products on time with minimal direction.
- Advanced critical thinking skills with the ability to move beyond proven problem-solving approaches to formulate solutions.
- Strong leadership skills, excellent cross-functional relationship building skills.
- Advanced communication skills, both written and verbal.