Director, IT Security

Title:         Director of IT Security

Program:  IT Department- Varick St

Salary:     $105 - 135K Based on experience

Overall Responsibilities:

The Associate Director of IT Security will play a critical role in developing, implementing, and managing comprehensive IT security initiatives. Reporting directly to the CIO, the incumbent will be responsible for providing the digital security of the organization’s systems, services, and related hardware. This role will be responsible for keeping the CIO informed of all malicious activity and producing reports that assess the effectiveness of the security strategies in place and make all required changes to ensure the ultimate security of our network, systems, services, and data.  

Essential Duties & Responsibilities:

• Assist the CIO with developing IT security policies, procedures, standards, and guidelines based on knowledge of best practices and compliance requirements.
• Collaborate with senior leadership to develop and refine IT security strategies aligned with business objectives and industry best practices.
• Creates, manages, and maintains user security awareness, and provides education on security-related matters, including annual training campaigns, monthly phishing simulations, and ad-hoc security awareness training materials on current threats.
• Implement and manage security controls, technologies, and processes to protect against cyber threats, unauthorized access, and data breaches.
• Oversee the deployment and maintenance of security solutions, including firewalls, intrusion detection/prevention systems, antivirus software, encryption tools, etc.
• Conduct regular security audits, vulnerability assessments, and penetration testing to evaluate security measures' effectiveness and identify areas for improvement.
• Provide guidance and support to IT staff and end-users on security-related issues, policies, and best practices.
• Stay abreast of emerging threats, trends, and technologies in the IT security field and recommend appropriate proactive measures.
• Assist in incident response and forensic investigations in the event of security breaches or incidents, ensuring timely resolution and mitigation of risks.

Qualifications:

• Bachelor’s degree in computer science, Information Security, or a related field. 
• Minimum of 5 years of relevant experience in IT Security, PHI, and Cybersecurity is a must.
• Professional certifications such as CISSP, CISM, and CISA are preferred.
• Strong knowledge of information security principles, standards, and frameworks (e.g., ISO 27001, NIST Cybersecurity Framework)
• Understanding of security principles, technologies, and protocols, including but not limited to network security, endpoint security, identity and access management, encryption, etc.
• Strong analytical skills and the ability to assess complex technical issues and develop practical solutions.
• Excellent communication skills, with the ability to effectively interact with technical and non-technical stakeholders at all levels of the organization.

All newly hired Project Renewal staff must provide verification of being fully vaccinated against Covid-19.