Posted: Thursday, April 13, 2017 10:12 AM
POSITION SUMMARY:TRISTAR is currently seeking a new member of the senior management team. This position will have broad functional responsibility across the full continuum for information security strategy and architecture. This will include defining the current information security strategy and clearly communicating the strategy across the business and technology teams.Responsible for bridging the gap between corporate business process and policy directives and technical security measuresIDEAL CANDIDATE Understands systems, application development, Compliance and Risk Mitigation. Strong manager/leader of the corporate security function and security team. Clear vision of the future of corporate security. Experienced and comfortable reporting to the highest levels of management and the Board of Directors. Able to talk shop with leadership. Sophisticated understanding of costs and related benefits of program implementation.Understands and can be a leader / driver in program and project management within department. This individual must be able to be effective in the execution of security projects and be able to clearly communicate across the IT organization and Executives. Communications and collaborative execution is a CRITICAL component of this role. Job RequirementsThe main responsibility is one of risk management, advising senior management about risks to the business due to the implementation of technology used in operations. Responsible for security policies, architectures, standards and enforcement. Primary role is to improve and manage global information security. SPECIFIC RESPONSIBILITIES of Vice President of Information Technology Security Develop, implement and manage the enterprise wide process business risk:based information security strategies and associated architecture consistent with overall corporate strategic plan. Develop and implement a comprehensive Security Program. Define, identify and classify critical information assets, assess threats and vulnerabilities regarding those assets and implement safeguard recommendations. Manage the development and implementation of global security policy, Including policies, standards and guidelines related to personnel, facilities, data security, disaster recovery and business continuity Oversee the investigation of security breaches and assist with disciplinary and legal matters associated with such breaches as necessary. Serve as enterprise focal point for computer security incident response planning, execution and awareness. Develop a process to review new facilities, applications and/or technology environments during the development or acquisitions process to ensure compliance with corporate security policies and directions. Develop and manage the information classification process. Develop and manage enterprise:wide functional and technical security architectures. Develop business cases rationalizing ROI in implementing effective Security Programs. Implement the Security ProgramA?s risk and control framework and global IT Risk strategy and ensure early recognition of new IT developments and/or risks. Ensure that core IT processes meet business and regulatory control objectives. Provide support, coaching and consulting to new Security Program initiatives and projects to ensure alignment and compliance of these projects/initiatives with the Security Program risk and control framework. Ensure adherence through auditing and review of critical projects, applications and/or processes.Collaborate in a diverse, multi:region, complex, cross:functional environment.Develop/manage the information risk analysis, assessment and acceptance processesChampion the program using a variety of change management tools. Advise business managers and technical personnel as to the implementation of the program in their respective areas. Act as the liaison between Internal Audit and IT; review all audit reports and responses to ensure timeliness and the effectiveness of the corrective actions.
• Location: North DFW
• Post ID: 49537903 northdfw