Director, Information Security
Company: The Great Courses
Location: Chantilly
Posted on: June 19, 2022
|
|
Job Description:
Company Overview
Wondrium is the premier entertaining and educational video
subscription service that enriches your overall life experiences
with approachable, comprehensive, and illuminating content. It's a
museum for your mind, an institution for your imagination, and a
gallery for your personal genius. We search far and wide to bring
you trusted, respected, and inspiring experts and nonfiction
storytellers, who have collectively led over 6,000 hours of video
courses, documentaries, and series. Your brain is going to love
this place.
Summary
Wondrium is seeking a qualified candidate for our Director of
Information Security role. This role will report to the Vice
President, Technology Services.
In this role, you will be responsible for the development,
implementation, and maintenance of information security and
business continuity programs and activities. You will also be the
subject matter expert to all security stakeholders, and ensure that
processes, controls, and documentation are adequate to protect
Wondrium from existing risks, as well as from potential new
threats.
This individual will lead security initiatives and the
implementation of technology, process, and procedures in various
domains including endpoint protection, cloud infrastructure
protection, event monitoring, vulnerability management,
configuration management, and incident response.
In addition, the role will be responsible for assuring proper
security assessments (i.e. leading pen-testing,
architecture/configuration reviews, threat modeling) take place,
identifying process maturity improvements, supporting information
security objectives on in-flight projects, and driving remediation.
The ideal candidate must be a high-performer with a passion for
information technology automation, and someone who can work
collaboratively with staff to execute Wondrium's Information
Security program.
This role will be instrumental in building an Information Security
Team for Wondrium.
Essential functions. Other duties may be assigned:
* Develop and execute on tactical and strategic goals driving a
comprehensive information security program
* Communicate information security policies, standards and
guidelines across the company, clients, and prospects
* Provide regular reporting on the current status of the
information security program to the Executive Team as part of a
strategic risk management program
* Support client and prospect due diligence questionnaires and
interviews
* Create, communicate and implement a risk-based process for vendor
risk management
* Oversee ongoing penetration, vulnerability, disaster recovery,
and data breach testing and client-facing security documentation
management processes
* Collaborate with DevOps and IT Operations to mitigate
vulnerabilities, implement security controls, and draft and
maintain company security policies
* Collaborate with VP of Technology Services on product security
and roadmaps
* Lead compliance efforts such as PCI, CCPA, GDPR, CPRA.
* Participation with Sales and Legal in vendor contract
negotiations
Work Environment
This is a remote position with possible in-office attendance as
requested by management
Physical Demands
The physical requirements of this position are described as
sedentary work. Sedentary work involves:
* Exerting up to 10 pounds of force occasionally and/or negligible
amount of force frequently or constantly to lift, carry, push, pull
or otherwise move objects
* Keying
* Talking
* Sitting most of the time
* Walking and standing are required only occasionally
Required Education and Experience
* BS/MS Computer Science and 8+ years of experience in a
combination of risk management, information security and IT
Leadership roles.
OR
* 10+ years managing/operating in a secure e-commerce environment.
Must have experience creating/implementing security policies across
all aspects of the technical business environment.
* Proven track record and demonstrated leadership in developing
information security policies, standards, and procedures
* Knowledge of Cloud Security best practices and tools such as
security group management, developer account management, secure
deployment models, AWS-Well Architected, CSA-CCSK , etc
* Excellent written and verbal communication skills, interpersonal
and collaborative skills, and the ability to communicate security
and risk-related concepts to technical and nontechnical
audiences
* Hands-on security professional & technologist with experience
securing web services running in a public cloud environment (AWS,
GPC, Azure)
* Strong knowledge of various security technologies such as
vulnerability management, AV/EDR, IDS/IPS, SIEM, VPN, DNS,
firewalls, proxies, etc
* Commitment to data privacy, and experience with Privacy by Design
frameworks
* Experience (or strong interest) in working in a fast-paced
environment
* Pursuit of or interest in Industry certifications such as CISSP,
CISM, CISA, CCSK+, CCAK, ACSP
Preferred Education/Experience
* MIS or related field and MBA is a plus
Affirmative Action/EEO statement
Wondrium provides equal employment opportunities to all employees
and applicants for employment and prohibits discrimination and
harassment of any type without regard to race, color, religion,
age, sex, national origin, disability status, genetics, protected
veteran status, sexual orientation, gender identity or expression,
or any other characteristic protected by federal, state or local
laws.
This policy applies to all terms and conditions of employment,
including recruiting, hiring, placement, promotion, termination,
layoff, recall, transfer, leaves of absence, compensation, and
training.
Other Duties
Please note this job description is not designed to cover or
contain a comprehensive listing of activities, duties or
responsibilities that are required for this job. Duties,
responsibilities, and activities may change at any time with or
without notice.
Keywords: The Great Courses, Chantilly , Director, Information Security, Executive , Chantilly, Virginia
Click
here to apply!
|