Director I.T. Security
Direct Hire / Salaried
NE Ohio
This is an in office, local position.
You must have experience with Security Audit and Risk Management across various industries and domains
in order to be considered.
The Director of Information Technology & Security’s role is to ensure the Company’s Corporate
Office and Division’s information technology (IT) operations and infrastructure are operating
securely and efficiently in accordance with the business objectives of the organization. The
Director of Information Technology and Security will work closely with decision makers in the
operating divisions to identify, recommend, develop and support cost-effective technology and
security solutions for all aspects of the organization. Additionally, this role will also strategically
define and implement IT policies, procedures and best practices for the Company.
Role and Responsibilities
---Candidate will establish policies and solutions that enforce security best-practices to
maximize protection and resiliency.
---This senior leader will interact with business and IT stakeholders to develop secure
solutions that mitigate high-risk areas.
---Implementation of industry leading practices around cyber risks and security for on-prem
and cloud solutions.
--Designing and developing security policies, standards and procedures e.g. firewall
management, SSL/IPSec, security incident and event management (SIEM), data
protection (DLP, encryption), user account management (SSO, SAML), and
password/key management.
---Support security aspects of business & IT initiatives by assisting in architecture, design,
implementation, deployment, and operational transition of innovative & secure
technology solutions.
---Research, evaluate, design, test, recommend and plan the implementation of new or
updated information security technologies.
-- Play an advisory role in IT projects to assess security requirements and controls and to
ensure that security controls are implemented as planned.
--Complete remediation activities and initiate actions to ensure that compliance and
security gaps are successfully addressed.
--Evaluate security controls employed by technology services providers to ensure
information assets are adequately protected.
Skills
--During recent history, candidate must have demonstrated exceptional ability to assess and
communicate information security concepts and practices, with both business and IT
stakeholders.
--Exposure or understanding of the following concepts, practices, and technologies:
network security and perimeter security, firewalls, IDS/IPS, SIEM, workstation, mobile
device, and network design standards.
--Knowledge of and experience in developing and documenting security architecture and
plans, including strategic, tactical and project management.
--Strong people skills, collaborative ability to work with IT stakeholders inside and outside
of the organization, able to mentor team members with diverse backgrounds.
--Ability to formulate network security architecture vision and translate vision into
execution.
--Thorough understanding of Information Security frameworks and good practices (e.g.
CSA), and proven ability to strike a balance between an academic and pragmatic
approach.
--Strong analytical, problem solving, and critical thinking skills to drive efficiencies and
continuous improvement.
--Strong verbal, written, and presentation skills demonstrating ability to effectively partner
and negotiate with people at all levels within the organization as well as vendors and
partners.
Must Have Qualifications to be considered:
--Bachelors Degree in Computer Science or similar areas of study.
--10+ years work experience in information security and/or related functions (such as IT
Audit, Risk Management or Security Architecture).
--Experience with one or more major cloud technologies like AWS, Azure, or Google
cloud.
Please call me and send an updated resume (the best candidates always do both ).
Tom Gaebelein
440.627.6925
Tom@EmeraldResourceGroup.com