Home / Training and Events / Careers Home / Career Centre Job Board

CAREER CENTRE JOB BOARD

Today is the first day of your career.

Today you take it to the next level. These tools below will get you on your way.

Director of Security & Continuity
Pillsbury Winthrop Shaw Pittman, LLC
SAVE savedJobs
SAVE savedJobs

Director of Security & Continuity

Pillsbury Winthrop Shaw Pittman, LLC

Gmail Email Print
Application
The application opened in a new tab.
By using this feature you agree to our Terms and Conditions and Privacy Policy.
Details
Posted:
April 6, 2021
Location:
Nashville , Tennessee
PayScale
Type:
Full Time - Experienced

The Director of Security and Continuity serves as the process owner of all activities related to the availability, integrity and confidentiality of client, Firm and employee information in compliance with the organization's information security policies. This position is responsible for establishing and maintaining a firm-wide information security management program to ensure that information assets are adequately protected. The Director of Security and Continuity is being established to ensure we cultivate a security-conscious workplace culture throughout our firm. 

This role is responsible for creating, implementing, managing, and enforcing security and compliance strategies and policies relating to information security, physical security, business continuity planning, crisis management, privacy, and compliance. This position works closely with senior leadership in IT and Risk Management to establish security and compliance practices, oversee day-to-day matters relating to security and compliance, and to address any security or compliance related challenges.  

Essential Job Functions

  • Develop, implement and oversee an information security vision and strategy that is aligned to organizational priorities and enables and facilitates the organization's business objectives.
  • Actively participate in the firm’s crisis management strategic planning.
  • Oversee the development, management and testing of business continuity, emergency-preparedness and disaster recovery plans and policies.
  • Facilitate regular crisis drills and post action reviews.  Ensure all associated plans and policies remain current and the proper tools are in place to house our crisis management documentation.
  • Coordinate the development and implementation of incident response plans and procedures and manage the lifecycle review of related documentation and processes.
  • Oversee the development and testing of a comprehensive incident response plan to ensure business-critical services are recovered in the event of a security event.
  • Provide proactive reporting on the status of our information security program and regular threat briefings to enterprise risk teams, senior business leaders and the Board.
  • Ensure access to systems and information are governed by strong identity and access management protocols.
  • Collaborate with Risk Management to develop and maintain a document framework of continuously up-to-date information security policies, standards and guidelines. Oversee the approval and publication of these information security policies and practices.
  • In conjunction with Risk management, develop and manage a targeted information security awareness training program for all employees, contractors and approved system users, and establish metrics to measure the effectiveness of this security training program for the different audiences.
  • Liaise with external agencies, such as law enforcement and other advisory bodies, as necessary, to ensure that the organization maintains a strong security posture and is kept well-abreast of the relevant threats identified by these agencies.
  • Oversee security and compliance planning and implementation for new or existing enterprise system(s) and ensure that the design of hardware, operating systems and software applications adequately address security and compliance controls.
  • Ensure that information security requirements are included in all vendor contracts.
  • Lead a team of security professionals that are results-oriented and that maintain appropriate certifications and a relevant skill-set.

Requirements

  • Minimum of seven to 10 years of experience in a combination of risk management, information security and IT (at least five must be in a senior leadership role).
  • Ability to lead and motivate the information security team to achieve tactical and strategic goals, even when only "dotted line" reporting lines exist.
  • Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate information security and risk-related concepts to technical and nontechnical audiences at various hierarchical levels, ranging from board members to technical specialists.
  • Sound knowledge of business management and a working knowledge of information security risk management and cybersecurity technologies.
  • Proven track record and experience in developing information security policies and procedures, as well as successfully executing programs.
  • Poise and ability to act calmly and competently in high-pressure, high-stress situations.
  • Must be a critical thinker, with strong problem-solving skills.
  • Knowledge and understanding of relevant international legal and regulatory requirements.
  • Ability to lead and motivate the information security team to achieve tactical and strategic goals, even when only "dotted line" reporting lines exist.
  • Professional security management certification is desirable, such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA) or other similar credentials.
  • Knowledge of common information security management frameworks, such as ISO/IEC 27001, ITIL, COBIT as well as those from NIST, including 800-53 and Cybersecurity Framework.
  • High level of personal integrity, as well as the ability to professionally handle confidential matters and show an appropriate level of judgment and maturity.

Pillsbury Winthrop Shaw Pittman LLP is an Equal Opportunity Employer.

Internal Number: R002391
More Jobs Like This
Associate Director - Cyber & Privacy (Remote)   Nationwide
CrossCountry Consulting 1 Week Ago
Sr Director, Information Security   Nationwide
Greystar 1 Week Ago
Information Security Analyst   Oswego, New York
SUNY Oswego 2 Weeks Ago
BACK TO TOP
ISACA Career Centre is Just One of the Benefits.
Discover what else ISACA has to offer!
Networking
Certifications
Training
The job you are trying to reach from was originally posted at ISACA Career Centre.
Help is on the way!
We're sorry you are having trouble applying for this job.

Please try loading this job using the following link before submitting your help request:
Powered By Naylor Association Solutions




Quick Links

Training & Events

Browse All TrainingTraining & Events FAQs
Conferences
In-Person Training
Online Training