Director of Information Security

Job Title: Director, Information Security

Overview

FreightVerify is a supply chain technology company that provides real-time transportation visibility and business intelligence for global enterprise clients. Utilizing the latest IoT, data and AI technologies, FreightVerify provides a neutral platform that simplifies complex global supply chains through a common design language to leverage new and emerging tracking technologies.

Job Summary

The Director, Information Security will lead the vision and strategy to define, socialize and implement the enterprise Security strategy and roadmap for FreightVerify Cloud Platform.  You will play a key role within the Engineering organization as a thought leader and champion of best practices in the Information Security area. The Director, Information Security will serve as Information Security Officer and is charged with ensuring internal IT security policies, procedures, guidelines, standards, and activities that comply with all applicable security requirements.  You will be a hands-on leader who is technically adept and has the desire and capability to mentor every individual on the team.

 Primary Responsibilities

• Create a strategic plan for the deployment of information security technologies and program enhancements.
• Maintain policies, procedures, and standards to protect the privacy and integrity of data.
• Manage development and application of IT security procedures and protocols.
• Provides in depth Technical Security guidance and is identified as the Security Subject Matter Experts (SME) for various technologies and project areas
• Collaborate with key stakeholders to establish, grow, and maintain an IT security risk management program.
• Audit existing systems and provide comprehensive risk assessments.
• Own the process for conducting security audits, including selection of 3rd party vendors
• Prioritize and allocate IT security resources correctly and efficiently.
• Develop contingency plans and manage security breaches.
• Integrate IT systems development with IT security policies and information protection strategies.
• Monitor security vulnerabilities, threats, and events in network and host systems.
• Manages the process of responding to vendor IT assessment requests from prospects / customers
• Lead education programs focused on user awareness and security compliance.
• Plays a key strategic role on CTO’s Leadership Team in helping to set the company's direction and technology vision

Qualifications

• 7 years of experience in being responsible for Information Security in a SaaS software company
• Highly self-motivated and customer-focused individual with effective communication and facilitation skills
• Ability to facilitate management level conversations on how to balance business opportunities against security risks
• Experience on executing information security strategies with cloud computing platforms (AWS, Azure)
• Experience implementing and administering cloud-based IT infrastructure, collaboration, & security systems
• Familiarity with networking and firewall systems.
• Experience with compliance frameworks like SOC 2 Type 1, PCI, HIPAA and working with third parties for attestation (auditors, penetration testers, etc.
• Strong influencing skills leading technology discussions at the senior leadership level
• Ability to collaborate and manage relationships with other business units, external vendors and stakeholders
• Strong work ethic, self-directed and resourceful
• Strong multi tasking and prioritizing abilities while being nimble and adaptable
• Demonstrated written and verbal communication skills
• Projects the highest levels of integrity while winning through a consultative and embracing personality
• Superior interpersonal communication and presentation skills as well as proven organizational skills
• Experience working with start-up companies a plus