The job below is no longer available.

Hours Full-time
Location Annapolis, MD

About this job

Driven To Serve® and Ready to Succeed!

Working with Towne Park offers a variety of employment opportunities for your unique career plan! Whether you’re a part-timer, careerist or adventurer, Towne Park gives you the tools to learn and grow. With business in 50+ national markets, there’s no limit to where Towne Park might take you!

No matter what you’re looking for, Towne Park provides a winning environment working alongside the brightest and friendliest colleagues around. Whether it’s team events, giving back to the communities where we live and work, or celebrating a Towne Park win, you’ll find a fun and welcoming work experience!

JOB SUMMARY
The Director of Information Security and Governance is responsible for establishing and maintaining a company-wide security program to ensure that “information assets” (data, software, personal credit card (PCI), personally identifiable information (PII)) are adequately protected across all operating and corporate support units. This position is responsible for identifying, evaluating, and reporting on information security risks in a manner that meets compliance and regulatory requirements, reduces risk, and improves productivity.

DUTIES AND RESPONSIBILITIES
• Designs and manages the company’s internal information security policy framework.
• Development, testing and implementation of appropriate security plans, products and control techniques.
• Ensure compliance with PCI-DSS by working with operational partners, third party service providers, technology configurations and company processes. This includes having an in-depth knowledge of all best of breed technology, tactics, and configuration to provide the best security to the company.
• Develop protocols and procedures for the IT staff in response to alert and log management. This also includes overall IT Security protocols for data leakage, endpoint, email, hosted solutions, and all classification of data at rest and data in motion.
• Develop and maintain comprehensive strategy on cyber security risk and mitigation protocols.
• Ensures the organization's information security policies and strategies are in compliance with applicable external regulations, internal policies and strategic initiatives of the organization.
• Manages security and compliance projects across multiple teams, including operations, IT, Corporate Operations, and other internal departments.
• Advises internal business stakeholders on security and compliance requirements and works in cross-functional partnership to help ensure those requirements are met.
• Develops and owns an annual security assessment, security and compliance awareness training, disaster recovery and business continuity plans.
• Conduct briefing sessions with the CIO and business sponsors to review results and findings of assessments/audits to ascertain operational effectiveness of IT general controls and identify risks.
• Coordinate external and internal security and compliance audit activities and manage the remediation activities.
• Convey Towne Park’s security and compliance program to third parties, including clients, insurance carriers, regulatory agencies, etc., as necessary.
• Provide thought leadership regarding the implementation and execution of an IT security and risk management system for a decentralized, fast-paced and growing organization
• Provide guidance to the Legal Department to support the review and/or development of contract language related to IT security and compliance.
• Monitors information security trends for internal use and keeps business leadership informed about information security-related issues and activities potentially affecting the organization
• Keeps track of new regulations and industry best practices, and implements continuous improvement on an ongoing basis.

Systems and Standards
• Maintains a clean, neat work environment
• Completes all tasks in a timely manner
• Collaborates with senior management and colleagues to ensure that services can be adequately maintained to meet the needs of internal and external stakeholders, clients, etc.
• Interfaces with management and technology support personnel
• Establishes culture of courtesy, respect and dignity in client and associate interactions

Safety and Risk Management
• Understands and follows safety and security procedures
• Practices preventative safety procedures as set forth by Towne Park
• Reports all potential high risk areas and safety concerns to the CIO
• Uses only equipment they are trained to use and operates all equipment in a safe manner

KNOWLEDGE, SKILLS AND ABILITIES
• Highly knowledgeable in applications, infrastructure, development, and integration methods.
• Ability to maintain confidential information and to exercise considerable judgment and discretion in dealing with matters of significance for the company
• Ability to research information and analyze data to arrive at valid conclusions, recommendations, and plans of action
• Ability to effectively plan, set priorities, and manage several complex projects simultaneously across the organization while working under pressure to meet deadlines
• Ability to read, analyze, interpret and develop business policies, procedures, manuals, training materials, and corporate communications
• Ability to compose professional internal and external business communications including reports, memos, letters, and e-mails
• Superior written and verbal communication skills to effectively address all levels within the organization
• Strong ability to move between tactical and strategic aspects of business
• Ability to analyze, define and diagnose problems and then work with teams in order to execute resolution
• Ability to represent the company effectively in a variety of settings with a demonstrated understanding and appreciation for diverse cultures

QUALIFICATIONS
• Bachelor’s degree preferred in Management Information Systems and/or Technology field.
• Minimum of 10 years of related experience in the IT/Security field and/or compliance related role
• Working knowledge of the IT Security Management (ISO27001) and PCI Security Standards
• CISSP Certification, Certified Information Security Auditor (CISA), Payment Card Industry Internal Security Assessor (ISA), or other relevant professional credential highly preferred
• Experience in defining and managing security standards to protect PII (personally identifiable information)
• At least five (5) years of supervisory or cross-functional team leadership experience
• At least five (5) years of project management experience
• Previous experience with multi-site, multi-state, multi-functional organizations

PHYSICAL DEMANDS AND WORK ENVIRONMENT
The physical demands described here are representative of those that must be met by an associate to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

• The associate is regularly required to stand; walk; sit; use hands to finger, handle, or feel objects, tools or controls; reach with hands and arms; climb stairs; balance; stoop, kneel, crouch or crawl; and talk or hear
• Specific vision abilities required by the job include close vision, distance vision, color vision, peripheral vision, depth perception, and the ability to adjust focus
• The associate must occasionally lift and/or move up to 50 pounds
• Working extended hours may be required as needed
• Travel of up to 25% may be required