This job has expired, please see additional jobs below
Director, Information Security
At Company, we empower people to advance the way the world is built. We create smart software solutions that make construction sites more efficient, connected, and safe, improving the lives of design and construction professionals everywhere. Our purpose is clear: Together, we’re building a better life for those who build our world.
This position will provide leadership and accountability for Company’s information security program. It is responsible and accountable for establishing, planning, administering, and evaluating the overall policies, goals, and procedures company-wide for the information security program. Relevant, collaborative leadership experience, proven execution ability, and technical cybersecurity competency are key indicators of success for this role.
What You’ll Do:
- Defines and owns a multi-year cybersecurity roadmap and key performance indicators focused on reducing cyber risk.
- Creates quarterly, annual, and long-term cybersecurity and cyber risk management goals, articulates strategies, defines metrics, and provides necessary updates to executive leadership and the Security Steering Committee.
- Builds and inspires a highly skilled and diverse Security team. Fosters a culture of trusted cross-functional partnership, service, and continuous improvement.
- Partners with Product & Engineering leadership for the development, planning, and execution of major security initiatives, ensuring secure development and overall technology and security planning in line with Company’s product roadmap and R&D innovations team.
- Oversees product review assessments and promotes the implementation of security technologies.
- Collaborates with peer members of the greater global Nemetschek security team and leads security initiatives for the US-based brands to establish and promote appropriate security standards throughout the Nemetschek Group, and provides an effective governance structure to ensure cyber compliance and accountability.
- Mentors internal Company and Sister Brand security team members.
- Leads Security Incident Responses, Vulnerability assessments, Third Party Information Security assessments, Data Protection and Encryption, Identity & Access Management, and Privileged User Access to protect both customer and employee data.
- Coordinates responsive actions for disaster recovery, business continuity, and incident response plans.
- Develops and coordinates response plans to ensure timely response to information risk-related incidents.
- Builds and inspires a highly skilled and diverse GRC and Privacy team, staying abreast of new regulations affecting the business and driving a culture of compliance throughout the organization.
- Partners with business stakeholders across Company and the Nemetschek group to raise awareness of risk management concerns, including advising system owners on the security posture of their systems.
- Oversees the continued development and maintenance of Company’s processes, policies, and technical controls in support of certification programs and ongoing compliance with ISO/IEC 27001/2, SOC 2, and applicable privacy regulations.
About You
- 10+ years of enterprise cybersecurity or relevant technology/risk management experience
- 3+ years of experience directing the activities of other managers running information security teams
- 2+ years of experience in GRC and data privacy regulations
- Hands-on experience leading one or more of the following functions is required: GLBA/privacy, third-party risk management, cyber resilience planning/response, strategy/board reporting
- Demonstrated experience in cloud and mobile technologies, including multi-tenancy data storage, preferably with AWS infrastructures.
- Demonstrated experience in establishing and maintaining common security frameworks (SOC 2, ISO 27001, NIST).
- Broad, current knowledge of regulatory and voluntary standards-based compliance related to cloud and mobile applications and data confidentiality (e.g. CCPA, GDPR, PCI, SOC 2, ISO 27001) and experience implementing and fostering compliance maturity.
- Experience with software-as-a-service companies and securing cloud architectures.
- Exceptional communication skills, including written deliverables, oral presentations, and the ability to facilitate crucial conversations at all levels of the organization.
- Track record of leading enterprise projects and cross-functional initiatives to success, on time, and within budget.
What we offer
- People-focused, entrepreneurial, collaborative culture with the backing of a stable, global corporate entity – Nemetschek.
- Competitive compensation and benefits package (medical, dental, education reimbursement, 401k, wellness resources).
- Work-life balance is fostered through a culture of diversity, inclusion, and appreciation of individual lifestyle needs.
- Opportunity for continuous professional development through things like LinkedIn Learning, conferences, and certification programs.
About Company
The construction industry is adopting new technology at a feverish pace. Tablets and cell phones are replacing paper blueprints, drones are surveying job sites in 3D, and cloud collaboration is changing the way teams work together. Company plays a crucial role in this transformation. The key to our success is a customer-focused approach to product development: we work with the industry to create solutions for the industry. Today, over 3 million people throughout the world use Company. In the US, we’re a critical partner for the majority of top AEC firms, and rapidly expanding our presence globally, with offices in Australia, Denmark, Sweden, Germany, and the UK.
Come design and build your future with us.
Company is proud to be an equal-opportunity workplace. We are committed to equal opportunity regardless of race, color, ancestry, religion, gender, gender identity, parental or pregnancy status, national origin, sexual orientation, age, citizenship, marital status, disability, or veteran status.
The base pay offered will depend upon qualifications and other operational considerations. Base pay is one part of Company’s Total Rewards program, which seeks to compensate and recognize employees for their work. Most sales positions are eligible for commission under the terms of an applicable commission plan, while most non-sales positions are eligible for a bonus under the terms of an applicable bonus plan. Additionally, Company provides best-in-class benefits, with 100% employee-covered health and welfare benefits and paid time off. Company is a growing company with many opportunities. If this role and/or pay range is not an exact fit, we still encourage you to apply.
The base salary range for this position is: $177,600 – $221,800 + bonus incentive.