Director of Information Security

Summary

Join Daxko as the Director of Information Security, overseeing data and information systems integrity, confidentiality, and availability, leading a team in protecting digital assets, ensuring compliance with security regulations, and developing comprehensive information security strategies.

Requirements

• BS in Computer Science, Information Security or a related field
• Minimum of 8 years of experience in a combination of risk management, information security and technical operations jobs
• Minimum of 10 years of experience in a combination of software engineering and architectural jobs
• At least 5 years in a senior leadership role
• Experience with incident response management and information security frameworks (ISO 27001, NIST, etc.), with additional knowledge of quantum-safe protocols
• Strong understanding of the cybersecurity landscape, including emerging threats and effective countermeasures
• Proven work experience as a System Security Engineer or Information Security Engineer
• Experience in building and maintaining security systems
• Hands on experience in firewalls, intrusion detection systems, anti-virus software, authentication systems, log management, content filtering, etc
• Experience with network security and networking technologies
• Strong background with system, security, and network monitoring tools
• Familiarity with various compliance such as PCI-DSS, SOC 1, SOC 2, GDPR among others
• Exposure to the payment card or financial industries
• Strong background in software architecture and software engineering
• Technical knowledge of database and operating system security

Responsibilities

• Recruit, interview, hire, and train new staff
• Oversee the daily workflow of the department
• Provide constructive and timely performance evaluations
• Handle discipline and termination of team members in accordance with company policy
• Oversee departmental budgets and manage expenses related to information security for Daxko
• Develop and implement comprehensive information security strategies and policies that align with business objectives
• Lead the information security team to protect our production environments, software products, internal IT infrastructure, and field operations against potential threats
• Coordinate with technical operations and software development departments to ensure security is integrated throughout our software development life cycle
• Oversee the management of security incidents and events to protect corporate IT assets, including intellectual property, regulated data, and the company's reputation
• Conduct risk assessments, security audits, and coordinate remediation plans with a focus on both current and potential future threats
• Collaborate with other departments to establish and maintain a consistent security posture across all platforms and systems
• Manage the development and implementation of IT security education and awareness programs
• Stay current with the latest security threats, technologies, and trends that may impact information security
• Serve as the primary point of contact for external auditors and agencies on all information security matters
• Advise senior management on security direction and resource investments

Preferred Qualifications

• Master’s degree preferred
• Hands-on experience addressing application security issues with industry best practices
• CISSP: Certified Information Systems Security Professional
• CISM: Certified Information Security Manager
• CEH: Certified Ethical Hacker
• CompTIA Security+
• DSOE: DevSecOps Engineering

Benefits

• Flexible paid time off
• Affordable health, dental, and vision insurance options
• Monthly fitness reimbursement
• 401(k) matching
• New-Parent Paid Leave
• 1-month paid sabbatical every 5 years
• Casual work environments
• Remote work