Director of Information Security
Tech24 is a national provider of installation, preventative maintenance, and emergency repair services for commercial foodservice and HVAC equipment. Over the last three years the Tech24 family of companies has experienced rapid growth through 22 acquisitions, and more planned. Tech24 currently has over 1200 associates in 101 locations across 26 states. This is an onsite position located in Greenville, SC.
The Director of Information Security will be responsible for ensuring the security, confidentiality, integrity, availability, and storage of all information assets within the organization. In this role, you will assess, expand, and improve existing Information Security operations, policies, and procedures. You will have responsibility for information security across our enterprise including our portfolio of business partners. The role reports to the Chief Information Officer and will work closely with the Director of IT Infrastructure to develop and implement collaborative and integrated security operations.
Responsibilities:
-
Develop and manage a targeted information security awareness training program for all employees, contractors, and approved system users, and establish metrics to measure the effectiveness of this security training program for different audiences.
-
Perform annual risk assessment and business impact analysis.
-
Establish and enforce robust plans, policies, standards, and procedures to safeguard company assets and customer data, ensuring compliance with regulations and fostering a secure operational environment.
-
Develop and implement security KPIs, providing real-time dashboards and quarterly reports to the Tech24 Board of Directors.
-
Perform real-time security monitoring, detection and response to security events and incidents within the Tech24 environment.
-
Conduct thorough investigations of security events generated by detection mechanisms such as SIEM, IDS/IPS, AV, etc.
-
Review existing security architecture, identify design gaps, and recommend security enhancements.
-
Work with cybersecurity support vendors to ensure the consistent secure administration of Tech24 systems, infrastructure, and cybersecurity monitoring tools.
-
Demonstrate the ability to assess, formulate and execute security recommendations for acquisitions, ensuring a thorough evaluation of potential risks and alignment with established security standards and best practices.
-
Work in close partnership with senior business leaders in implementing vulnerability and risk remediation and/or mitigation plans. Establish and maintain effective communication channels across the enterprise.
Qualifications:
-
Bachelor’s degree in computer science, cyber security, information risk management, or a relevant IT field, or equivalent experience.
-
Master’s degree preferred.
-
Formal training or certification in security engineering concepts and have 5 years of proven experience in the technology risk & controls and information risk management fields (e.g., identification of technology risks & effective mitigation, technology risk & controls assessments, associated governance & reporting, etc.)
-
10 years' work experience in IT operations.
-
CISSP or equivalent required.
-
Implementing, managing, and driving all Information Security, training, policies, and review activities in accordance with applicable cybersecurity standards and privacy regulations.
-
Strong organizational, project management, and multi-tasking skills with demonstrated ability to modernize security operations and compliance processes.
-
Deep understanding of NIST Cybersecurity Framework, ISO 27001, and similar frameworks/assessment models.
-
Effective understanding of cloud security, datacenter security, application security, endpoint security and security audit practices and industry certifications.
-
Advanced experience managing cloud security tools such as IDR, MDR, Forensic and Security Awareness training tools.
-
Strong knowledge of current trends and changes in cybersecurity and technology.
-
Strong documentation skills particularly in developing and documenting plans and processes.
-
Ability to collaborate with high-performing teams and diverse stakeholders to accomplish common goals, including experience working with geographically distributed and culturally diverse colleagues.
Tech24 is An Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status, age, or any other federally protected class.
For more information about Tech24 and our career opportunities visit https://www.mytech24.com/careers/