Head Of It And Cybersecurity
Current★ Lead IS & IT implementation needed for organization Information Security certification, e.g., ISO-27001★ Develop and manage the incident response/disaster recovery playbook★ Implement and oversee corporate Security Awareness and Policy Attestation training★ Develop, implement, and manage Information Security policies, procedures, and standards, while tracking relevant laws and regulations.★ Provide oversight for the company's risk mitigation, incident management, and… Show more ★ Lead IS & IT implementation needed for organization Information Security certification, e.g., ISO-27001★ Develop and manage the incident response/disaster recovery playbook★ Implement and oversee corporate Security Awareness and Policy Attestation training★ Develop, implement, and manage Information Security policies, procedures, and standards, while tracking relevant laws and regulations.★ Provide oversight for the company's risk mitigation, incident management, and third-party risk management programs★ Develop and implement cloud security and application security solutions to protect enterprise assets and data★ Serve on the Information Security Board and Risk Management Committee ★ Manage and optimize systems for responding to client vendor risk assessment requests to drive supplier performance and strengthen business partnerships★ Drive IT project implementation and roll out, e.g., email security configuration & mobile device management★ Train and lead IT consultants to securely manage critical corporate IT services, including communication, office productivity, document management, asset management, endpoint protection, etc.★ Lead regulatory risk and technology assessment processes, including DirectBook’s supplier vendor risk assessment★ Interface with corporate IT consulting vendors to ensure adherence to corporate policy while building working relationships with senior management and vendor staff★ Track and remediate outstanding and recurring vendor risk and Information Security controls, including periodic system reviews and evidence gathering★ Conduct critical annual exercises, including technical disaster recovery and security incident response protocols★ Strategically implement and improve IT processes for procuring, managing, securing IT assets and cloud services Show less