Director, Information Security
Overview:
Cedar Fair is seeking a Director, Information Security for our Corporate Office in Charlotte, NC.
The Director, Information Security will be part of the Corporate IT Team and will report to the Corporate VP of IT Infrastructure, Operations and Security.
The Director will be responsible for identifying, evaluating, and reporting on all cyber security risk and leading all information security efforts.
This includes leading the development of information security strategies, technology best practices, vulnerability management, access controls, vendor risk management, cloud security, security architecture and Disaster Recovery / Contingency Planning.
The Director will work with executives and leadership across multiple departments to ensure the security program is effective by delivering senior level presentations on cyber security and developing strategies to reduce risk and allow for business continuity.
This position will have a team of information security specialists to assist in development and delivery of IT security standards, architecture, and systems to ensure data security across the company.
Responsibilities:
Provide leadership, vision and direction for Information Security initiatives that support and protect the company's business objectives and requirements.
Includes managing and mentoring the security support team and providing associate development, training, and performance management.
Maintain role as technical expert for information security policies, practices, and procedures; ensure information security policies, procedures and updates are communicated appropriately.
Leading the team to monitor security vulnerabilities and threats in our technology systems while anticipating new security threats by staying up to date with evolving technologies.
Includes performing risk assessments and cost benefit analysis to determine appropriate level of security controls required.
Support the creation of business continuity/disaster recovery plans, to include conducting disaster recovery tests, publishing test results and making changes necessary to address deficiencies.
Maintain the Information Security Incident Response Playbook on an annual basis.
Participate in an annual exercise to ensure there are no security gaps.
Communicate effectively with diverse teams across the company, internal divisions and external vendors on support updates, and project planning.
Includes coordinating information systems security efforts with third party auditors and outside vendors.
Develops daily, weekly, monthly, quarterly, and annual audits, checklists, and preventive measures manually and/or through automation as needed to ensure security standards and compliance are continuously met.
Collaborate with other engineers, system administrators, software developers, users, and management to select appropriate design solutions to ensure security of any technology implementations.
Responsible for Cybersecurity risk management and governance across 13 Cedar Fair properties, including cloud data centers.
SCOPE & IMPACT:
Responsible for Application, Data, Network and Endpoint security for over 10,000 devices.
Responsible for Cybersecurity awareness and training for over 8,000 users.
Responsible for evaluation and recommendation of all security tool selections.
Qualifications:
Bachelor's Degree in Computer Science, Information Security, or related field.
Master's Degree preferred.
10
years experience with 5
years experience in a supervisory role.
Certifications preferred:
CISSP, CISA, CISM or similar certifications.
Experience with Office 365, Amazon Web Services, Azure Infrastructure.
Advanced knowledge:
TCP/IP, routing protocols, firewalls, SIEM, antivirus and IDPS concepts.
Experience with penetrations testing and techniques.
Understanding of compliance frameworks and best practices (PCI-DSS, SOC2, OWASP, NIST).
Ability to pass a background check, if 18 years of age or older, which may include, but is not limited to, credit, criminal, DMV, previous employment, education and personal references, per Company policy, unless prohibited by federal, state, or provincial law.
#LI-CM1 Recommended Skills Access Controls Amazon Web Services Architecture Auditing Automation Business Planning Estimated Salary: $20 to $28 per hour based on qualifications.
Cedar Fair is seeking a Director, Information Security for our Corporate Office in Charlotte, NC.
The Director, Information Security will be part of the Corporate IT Team and will report to the Corporate VP of IT Infrastructure, Operations and Security.
The Director will be responsible for identifying, evaluating, and reporting on all cyber security risk and leading all information security efforts.
This includes leading the development of information security strategies, technology best practices, vulnerability management, access controls, vendor risk management, cloud security, security architecture and Disaster Recovery / Contingency Planning.
The Director will work with executives and leadership across multiple departments to ensure the security program is effective by delivering senior level presentations on cyber security and developing strategies to reduce risk and allow for business continuity.
This position will have a team of information security specialists to assist in development and delivery of IT security standards, architecture, and systems to ensure data security across the company.
Responsibilities:
Provide leadership, vision and direction for Information Security initiatives that support and protect the company's business objectives and requirements.
Includes managing and mentoring the security support team and providing associate development, training, and performance management.
Maintain role as technical expert for information security policies, practices, and procedures; ensure information security policies, procedures and updates are communicated appropriately.
Leading the team to monitor security vulnerabilities and threats in our technology systems while anticipating new security threats by staying up to date with evolving technologies.
Includes performing risk assessments and cost benefit analysis to determine appropriate level of security controls required.
Support the creation of business continuity/disaster recovery plans, to include conducting disaster recovery tests, publishing test results and making changes necessary to address deficiencies.
Maintain the Information Security Incident Response Playbook on an annual basis.
Participate in an annual exercise to ensure there are no security gaps.
Communicate effectively with diverse teams across the company, internal divisions and external vendors on support updates, and project planning.
Includes coordinating information systems security efforts with third party auditors and outside vendors.
Develops daily, weekly, monthly, quarterly, and annual audits, checklists, and preventive measures manually and/or through automation as needed to ensure security standards and compliance are continuously met.
Collaborate with other engineers, system administrators, software developers, users, and management to select appropriate design solutions to ensure security of any technology implementations.
Responsible for Cybersecurity risk management and governance across 13 Cedar Fair properties, including cloud data centers.
SCOPE & IMPACT:
Responsible for Application, Data, Network and Endpoint security for over 10,000 devices.
Responsible for Cybersecurity awareness and training for over 8,000 users.
Responsible for evaluation and recommendation of all security tool selections.
Qualifications:
Bachelor's Degree in Computer Science, Information Security, or related field.
Master's Degree preferred.
10
years experience with 5
years experience in a supervisory role.
Certifications preferred:
CISSP, CISA, CISM or similar certifications.
Experience with Office 365, Amazon Web Services, Azure Infrastructure.
Advanced knowledge:
TCP/IP, routing protocols, firewalls, SIEM, antivirus and IDPS concepts.
Experience with penetrations testing and techniques.
Understanding of compliance frameworks and best practices (PCI-DSS, SOC2, OWASP, NIST).
Ability to pass a background check, if 18 years of age or older, which may include, but is not limited to, credit, criminal, DMV, previous employment, education and personal references, per Company policy, unless prohibited by federal, state, or provincial law.
#LI-CM1 Recommended Skills Access Controls Amazon Web Services Architecture Auditing Automation Business Planning Estimated Salary: $20 to $28 per hour based on qualifications.
|
|
 | |
