This job listing has expired and the position may no longer be open for hire.

Director - IT Security Strategy at AICPA

Posted in Information Technology 30+ days ago.


Type: Full-Time
Location: Durham, North Carolina

Job Description:

Summary of Role
Lead global IT security, driving the IT security strategy and implementation forward while protecting the business from cybersecurity threats. Responsible for operational compliance with GDPR, PCI, ISO, and other standards and regulations. Along with the strategic role, manage security operations for the protection of the enterprise information assets, and work with the Vice President – IT to develop the appropriate IT security budget. This role also includes communication of strategy, management of applications and infrastructure staff for security-related work, and the creation of policies and procedures which will enhance and support the IT security strategy. The Director – IT Security Strategy works closely with the Senior Director – Internal Audit, Risk, & Compliance and his/her team to mitigate iARC findings and implement IT security strategy.

Accountabilities & Responsibilities

  • Primary focus on securing all Association data that is generated or maintained by technology systems and solutions

  • Responsible for managing technical and administrative technology controls to ensure data privacy integrity is maintained for all IT systems and solutions

  • Maintain a current understanding of the IT threat landscape for the industry

  • Manage the daily operation and implementation of the IT security strategy

  • Conduct a continuous assessment of current IT security practices and systems and identify areas for improvement

  • Review investigations after breaches or incidents, including impact analysis and recommendations for avoiding similar vulnerabilities

  • Approve identity and access policies, in coordination with Internal Audit, Risk, & Compliance team

  • Execute security audits and risk assessments, in coordination with Internal Audit, Risk, & Compliance team

  • Make sure that cyber security policies and procedures are communicated to all personnel and that compliance is enforced, in coordination with Internal Audit, Risk, & Compliance team

  • Deliver new IT security technology approaches and implement innovative next generation solutions

  • Oversee the management of the IT security operational resources (internal and external), giving leadership to the team

  • Ensure compliance and governance is met for all global IT systems and solutions

  • Develop, implement, and maintain business continuity plans to ensure service is continuous when a change program is introduced, a security breach occurs, or the disaster recovery plan needs to be triggered

  • Protect the intellectual property of the organisation consistently and continuously

  • Devise strategies and implement IT solutions to minimize the risk of cyber-attacks

  • Communicate IT security strategy to a range of stakeholders, including the Association Senior Leadership Team

  • Brief the executive team on status and risks, including taking the role of champion for the overall strategy and necessary budget

  • Manage the IT security budget with Vice President - IT

Supervisory Responsibilities

  • None

Knowledge, Skills & Abilities Required

  • Advanced understanding of global security protocols and policies, including GDPR

  • Digital leadership skills – capable of empowering and leading an IT security strategy to meet business and IT security goals

  • Solid people management skills – Able to provide direction, monitor performance, motivate staff and build a positive working environment

  • Ability to adapt to a fast-moving IT landscape and keep pace with latest thinking and new security technologies

  • A passion for technology and security safeguarding with a desire to deliver a high-quality, innovative IT security framework

  • Thrives on change, and shows an impressive ability to drive the IT security strategy forward

  • Analytical mind capable of managing numerous information sources and providing data analysis reports to senior management

  • Strong customer focus – able to meet the demands of internal and external customers

  • Excellent communication skills – providing outstanding verbal and written communication to direct reports, senior management, and other stakeholders

  • Flexible and adaptable – capable of changing direction where required and showing flexibility to meet new demands

  • Forms business partnerships that help drive the IT security strategy forward

  • Able to make decisions that are well informed and timely

  • Creative thinking – able to look at alternatives and consider new ways of thinking to solve problems

  • Multi-tasking – can manage several concurrent projects and prioritize demands

Required Experience, Qualifications & Education

  • A minimum of 10 years’ experience in Information Technology, including experience managing network security, application security, and web security, managing enterprise-level projects/implementations, and working in a formalized change and incident management environment

  • Bachelor’s degree in Information Technology, Computer Science, or related field

Preferred Experience, Qualifications & Education

  • CISSP Certification

  • CISM Certification

  • CGEIT Certification

  • ITIL v3 Certification

  • PMP Certification