Full Time

Director of Information Security – Remote Jobs

Posted 8 months ago
Massachusetts
$125 - $150 per hour

Job Description

Job Type: Director of Information Security from home
Location: Boston work from home
Company: UpRecruit

Responsibilities:

  • Create and implement security policies that encompass every step of the software development lifecycle, from conception to implementation.
  • Take complete ownership of patch management, maintain rigorous adherence to legal and industry standards, and comply with regulatory requirements (PCI, SOC2, ISO, etc.).
  • Determine and reduce the risks related to database management, giving the security, integrity, and availability of data a priority.
  • When working with other organizations like partners, vendors, and contractors, put strong security measures in place to protect confidential data from unwanted access.
  • Adopt best practices for cybersecurity, such as monitoring bug bounty programs, conducting frequent penetration tests, scanning for vulnerabilities, and managing threat intelligence.
  • To maintain a robust defense posture, encourage the development of a top-tier security team composed of infrastructure security specialists, security engineers, and SOC staff.
  • To maintain operational resilience in the face of interruptions, create and implement business continuity plans (BCP), disaster recovery (DR) policies, and comprehensive business impact analysis (BIA).
  • Take the lead in proactive security procedures by keeping abreast of new threats, technological advancements, and industry norms.
  • Represent the company at conferences and industry get-togethers, promoting our security measures and raising our visibility as an organization.
  • Share security best practices via blogs and other platforms to raise awareness and promote education both inside the organization and in the community at large.
  • Provide executive leadership with regular security updates and reports that include recommendations for strategic directions and insights into the organization’s security posture.

Requirements:

  • Possess a Bachelor’s or Master’s degree in information security, computer science, or a related subject.
  • Have proven experience leading information security teams at the senior level, preferably in rapidly expanding SaaS contexts.
  • Demonstrate a thorough understanding of security frameworks and standards, such as PCI DSS, SOC2, ISO 27001, and NIST.
  • Show that you have a thorough understanding of software development processes and that you can easily include security procedures into the SDLC.
  • Demonstrate a history of leading security efforts in a variety of cloud and technology contexts.
  • Demonstrate outstanding abilities in communication and interpersonal relations, enabling productive interaction with stakeholders across all organizational levels.
  • Possess credentials from the relevant industry, such as CISA, CISM, CISSP, or similar.
  • Present a track record of accomplishments in public speaking and thought leadership in the field of information security.