The Director of Information Security is responsible for establishing and maintaining information security management program to ensure that information assets are adequately protected and support the Safelite technology team with building security practices, technology, and thinking into every technology product we create and service we run. This position is responsible for identifying, evaluating and reporting on information security risks in a manner that meets compliance and regulatory requirements in alignment with the risk posture of the organization. The Director of Information Security will proactively work with business units to implement practices that meet defined policies and standards for information security. This position is the owner of all activities related to the security, integrity and confidentiality of customer, business partner, employee and business information. The Director will support and implement standards for our solutions delivery and our infrastructure and ensure their adoption across the technology organization.
Find a career. Gain a family.
Safelite will be unlike any place you've ever worked. (This won't be just the daily grind!) You'll join caring and passionate teams that collaborate to make a difference, deliver extraordinary results and bring unexpected happiness. Every day. Your effort, heart and creative ideas will be valued and rewarded. And we care about your well-being. So, we'll strive to give you what you need to be happy at work and at home.
- Support selection testing, deployment, and maintenance of security hardware and software products as well as outsourced arrangements.
- Provide leadership through strong working relationships and collaboration to develop strategic goals for information security compliance and risk mediation.
- Coordinate the development and maintenance of information systems security policies, procedures, standards, and guidelines.
- Stay well-informed of best practices in the IT security field, coordinate and/or evaluates new and emerging security practices and technologies.
- Ensures that disaster recovery and business continuity plans are in place and tested and are aligned with Client Contracts.
- 8 to 10 years of experience in risk management and information security with strong leadership skills and the ability to work effectively with business managers, IT engineering, and IT operations staff required.
- Bachelor's degree or equivalent required.
- CISO preferred.
- Certifications such as CISSP, CISM, CISA, etc are preferred.
- 4 years of experience in a management role preferred. Employment history must demonstrate increasing levels of responsibility.
- Proven track record and experience in developing information security policies and procedures and successfully executing security programs required.
- Knowledge and understanding of relevant legal and regulatory requirements, such as Sarbanes-Oxley Act (SOX), Health Insurance Portability and Accountability Act (HIPAA) and Payment Card Industry/Data Security Standard required.
- Ability to lead and motivate cross-functional, interdisciplinary teams to achieve tactical and strategic goals.
- High level of personal integrity, as well as the ability to professionally handle confidential matters, and show an appropriate level of judgment and maturity required.
- Understanding of Security operations on AWS Cloud preferred.
We're known as an auto glass company. That's the focus of what we do. But we're much more -- we're a growing and evolving service brand. And what really makes us unique is our people. Because at our core, we're a People Powered organization -- and our people come first and our culture matters. We'll help you find a fulfilling career path and encourage you to have a life. Let us be the best place you'll ever work.