Vecna Director of Information Security in Cambridge, Massachusetts

Description:

Vecna is looking for someone who is passionate about security to help build out our security processes, tools, training, and reporting. You'll be working with smart and fun people to help build processes and technology to further secure our applications and application environments and ensure policy enforcement. The ideal candidate is a team-oriented individual who enjoys a fast paced environment. This is a full-time, salaried role.

Responsibilities:

  • Develop and implement information security standards, processes and procedures, and guidelines for the enterprise.
  • Ensure and monitor security compliance with industry and government rules and regulations.
  • Coordinate with technology and business groups to assess, implement, and monitor information security risks/hazards.
  • Provide regular reporting/transparency on the threat landscape.
  • Develop an Information Security Incident Response Plan and manage the execution of the plan should an incident occur.
  • Understand the trade-offs required to manage the different levels of risk tolerance and risk exposure across the organization and balance this with risk investments.
  • Report security performance against established security metrics.
  • Create and implement policies and procedures that define behaviors required to maintain a strong information security posture.
  • Create an information security awareness program to ensure staff members across the organization understand the policies and procedures related to information security.
  • Research and evaluate new information security technologies.
  • Maintain awareness of trends in state-of-the-art technologies in the Information Technology Security Administration disciplines.
  • Conduct and participate in the review, evaluation, and recommendation of software products, productivity tools, and external services.
  • Assess and recommend internally managed services and tools vs.
  • outsourced models.
  • Audit and review all information security issues in the organization, partner with other organizations on information security issues (such as Asset Protection and Legal), and manage all information security incidents and threats – both internal and external.
  • Oversee internal and external network security assessments as well as application security assessments.
  • Participate in all IT projects that require Information Security oversight.
  • Review vendor security assessment process and results.

Requirements:

  • Bachelor's Degree in Information Systems or related field.
  • Advanced knowledge of information assurance technologies and principles.
  • Ability to manage work but also be hands-on.
  • 8-10 years of relevant technical experience.
  • Strong passion for driving process improvements within an organization.
  • Willingness and desire to learn new technologies.
  • Excellent written and oral communication skills.
  • Ability to react to high pressure dynamic changing environments.

Position Location:

  • Cambridge, MA

Job ID: 282