This job has expired, please see additional jobs below
Information Security Director
AEG
Tempe, AZ, United States
Job Details
The "Shed" is a rapidly growing company that focuses on technical solutions for the music festival industry. We understand destination festivals, the culture and its needs. And with thousands of hours at nearly 200 of the biggest festivals across the country, we’ve pioneered advanced ticketing and RFID platforms that enhance the festival experience, empower fans and pave the way for a future of unforgettable events. Gingerbread Shed solutions bridge technology and reality for a seamless encounter with epic festivals.
The Director Information Security is responsible for ensuring the maintenance, awareness and execution of the company’s Information Security (IS) Program and Policies. The Director Information Security ensures operational and administrative effectiveness for all security services, including: policy; security access administration; security audit scheduling (e.g. network penetration tests), tracking and reporting; IT and compliance awareness; security incident management; IT risk assessment; and security consulting services.
Job Duties:
1. Security responsibilities include collaborating with the IT organization and the broader enterprise to maintain compliance with security frameworks such as PCI DSS. Develop and implement security standards, processes, procedures and guidelines for the enterprise. Responsible for assuring appropriate security controls are in place organization-wide, including controls for sending electronic information to third-party vendors and clients.
2. Work with technology and business groups to assess, implement, and monitor security risks. Regularly monitor and report security performance against established security metrics.
3. Planning responsibilities include coordinating the creation, awareness, execution, testing and reporting for the Disaster Recovery Plan, Incident Response Plan and Risk Assessment Plan. Also responsible for performance and statistical reporting for security systems.
4. Assess systems, processes and projects for compliance with Information Security control standards and regulatory requirements. Report on the impact of any gaps found and coordinate remediation efforts. Provide input for, or facilitate, vendor security risk assessments to ensure service provider relationships are established in a manner that maintains the Confidentiality, Integrity and Availability of bank data.
5. Maintain the Information Security training and awareness program for employees and clients, and hold clients accountable for proving their compliance.
6. Responsible for creating awareness and methods supporting compliance with the Information Security Program, IS Policies/Procedures and Incident Management Program.
7. Ensure and monitor security compliance with industry and government rules and regulations. Oversee compliance with security frameworks including, but not limited to, PCI DSS. Ensure compliance with Federal Regulatory Guidelines, State Banking and Commerce legislation and company policies/procedures applicable to Information Security functions. Ensure security complies with and meets all service level agreement requirements.
8. Manage all internal and external audits, inquiries, observations and findings related to IS, and represent IS. Bring mitigation to all IS-related audit findings in a prompt and complete manner.
Required Qualifications
1. Bachelor of Arts/Sciences Degree (4-year) in Information Technology, Information Security, or related area
2. 7 - 10 years of related work experience
3. A minimum of five (5) years of current Information Security, data privacy, compliance and Information Technology experience
4. A minimum of two (2) years supervisory experience and staff development
5. Proficiency with security related technologies
6. Proficiency in Visa and MasterCard processes related to PCI Compliance
7. Excellent written and verbal communication skills, including the ability to develop presentations and present to senior company leadership
8. Excellent decision making and analytical thinking abilities
9. Understanding of financial principles
10. A strong understanding of security and compliance frameworks including PCI, ISO and ITIL
Preferred Qualifications (if applicable):
1. MIS or MBA degree
2. Active ISA Certification
3. One or more active certifications in related areas of security and compliance such as CISA, CISM or CISSP