Director, IT Global Security, Risk and Compliance

The Director, IT Global Security, Risk and Compliance is accountable for establishing and maintaining an enterprise information risk management program to ensure Mosaic information assets are adequately protected. Additional responsibilities will include, but are not limited to, developing security policies, standards and guidelines; working with business leaders to facilitate IT risk assessments and identifying acceptable levels of residual risk; managing security incidents and events; and directing security and risk management projects.

What will you do?

- Work directly with the Mosaic business leaders to facilitate IT risk assessment and risk management processes, and work with stakeholders throughout the enterprise on identifying acceptable levels of residual risk and risk mitigation actions.
- Work with external and internal audit on Mosaic IT controls audits.
- Provide strategic risk guidance for IT projects, including the evaluation and recommendation of technical controls.
- Direct information security and risk management projects with resources from the IT organization as well as business representatives.
- Manage and execute a strategic enterprise information security and IT risk management program to ensure the integrity, confidentiality and availability of information owned or controlled by Mosaic.
- Develop and enhance an information security management framework based on ISO 27001.
- Create a framework for roles and responsibilities with regard to information ownership, classification, accountability and protection.
- Work with the Technical Services team to ensure alignment between the security and technical architectures, thus aligning strategic plans.
- Manage security incidents and events to protect corporate IT assets, including intellectual property, regulated data and the company's reputation.
- Actively monitor security alerts, advisories and exploits, assessing risk and leading Mosaic teams toward an appropriate response.
- Develop, maintain and publish up-to-date security policies, standards and guidelines, and oversee training and dissemination of security policies and practices.
- Create and manage an information security and risk management awareness training program for all employees, contractors and approved system users.
- Other job duties and projects as assigned.
- Lead, develop and coach IT security employees in order to retain and expand organizational talent through focused attention and effort.
- Provide timely and constructive feedback on a regular basis to ensure employees have a clear understanding of their work, roles and the business.
- Manage performance issues when necessary.

What do you need for this role?

- Bachelor's Degree required. Computer Science or Business preferred.
- Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM) or similar credential is required.
- Project Management certification is preferred.
- 10+ years of experience in a combination of risk management, information security and IT roles. At least 4+ years must be in a senior leadership role.
- Proven track record and experience in developing information security policies and procedures and successfully executing programs that meet objectives of excellence in a dynamic environment.
- Knowledge and understanding of relevant legal and regulatory requirements, such as the Sarbanes-Oxley Act (SOX) and the Health Insurance Portability and Accountability Act (HIPAA).
- Experience working with third-party vendors and consultants.
- Experience presenting to board of directors desired.
- Microsoft Project.
- Microsoft Office (Word, Excel, PowerPoint, Visio).
- Knowledge of common information security management frameworks, such as ISO 27001, ITIL and COBIT.
- Excellent verbal, written and listening communication skills, including the ability to effectively present concepts and proposals.
- Ability to coach and develop employees.
- Excellent leadership and interpersonal skills.
- Strong motivational leader who possesses a hands-on, lead-by-example approach.
- Proven strategic planning and project management capabilities.
- Ability to effectively work and create strong and effective partnerships with employees at all levels within the organization.
- Excellent business acumen.
- Strong analysis and problem-solving techniques.
- Demonstrated critical thinking and decision-making skills.
- Must be goal oriented and results driven.
- Excellent organizational skills.
- Ability to adapt to a continually changing business and work environment and manage conflicting priorities.
- High level of personal integrity.
- Ability to professionally handle confidential matters and show appropriate level of judgment and maturity.
- Ability to lead and motivate cross-functional, interdisciplinary teams to achieve tactical and strategic goals.

Salary Range: NA
Minimum Qualification
11 - 15 years
