Information Security Director jobs in Boca Raton, FL

ProfitSolv is a SaaS business services provider for the legal and accounting industry. We are looking for a Director of Information Security to join our growing team! :

The primary function of this position is to be responsible for all aspects of cybersecurity, GRC, and Data Privacy. As the Director of Information Security, you will develop and own the organization-wide Information Security strategy, policies & procedures (GRC), managing implementations of security devices, equipment, controls, and technology. This is a transformational and step-up opportunity for a leader seeking a CISO position. The role is multifaceted and requires an entrepreneurial perspective. The successful candidate will possess a mix of leadership, technical and compliance skills,

What we provide:

• Opportunity to Invest in Your Future:. We offer a 401K match.

• Paid Time Off:. Enjoy paid time off and paid holidays.

• Great Coverage:. Take advantage of health, dental, and vision HSA and FSA policies.

• A Great Team:. Collaborate with smart, curious, hardworking individuals.

• Performance Compensation:. Be rewarded for your hard work with performance-based merits.

• Casual Environment:. Be comfortable in our casual dress environment.

• Hybrid Work:. Want to work from home occasionally? No problem!

As a Director of Information Security, you will:

• Identify, assess and prioritize cybersecurity risks to the organizations’ information assets and create risk mitigation strategies to address risks effectively, leading incident response efforts and investigation to resolve security incidents.

• Support the sales team during RFP’s and presales discussions, conducting vendor risk evaluations, and annual policy certifications.

• Manage MSP’s in various security capabilities including enterprise detection and response (EDR), network detection and response (NDR), vulnerability assessment and discovery, identity and access management (IAM), data protection solutions and event logging systems (SEIM), Application Security (AppSec).

• Develop and execute a strategic cybersecurity roadmap to protect our SaaS products, infrastructure and data assets

• Establish and enforce security policies and procedures to ensure compliance with industry regulations (e.g. HIPAA, PCI) and best practices.

• Design, evaluate, and architect modern security systems and solutions for both co-location and public cloud environments to safeguard the organization’s infrastructure, networks and data

• Coordinate with external and internal partners including managed SOC/SIEM and MSP’s on security workflows and playbooks.

• Function as the leader of cyber response team supporting the investigation and remediation of cyber events and incidents.

• Analyze and assess cyber threats and critical attack surface across the enterprise and conduct regular risk assessments.

• Coordinate with 3rd party vendors and internal partners for timely execution of penetration tests, vulnerability scans, and application security evaluations (SAST, DAST). Implement employee training to enhance cybersecurity awareness promoting an organizational culture of security.

• Collaborate in creating business monitoring requirements including device logging standards.

• Protect customer and intellectual property (IP) data, by developing and enforcing Data Access and Data Privacy standards, in compliance with local laws, regulations, and industry standards (GDPR, CCPA etc.)

• Maintain a comprehensive library of Security policies, procedures, incidents, remediations, and controls. Provide regular reports and updates on the organization's cybersecurity posture to executive leadership, the security governance council, and relevant stakeholders.

• Coordinate and conduct regular security audits and assessments to ensure compliance with data protection laws, regulations, and industry standards.

This position follows established policies and procedures to keep confidential information secure.

A great fit for this position has:

• 5 years of progressive experience with security technology management and operations, with increasing responsibility and management progression.

• Experience with managing and operating end point security platforms, intrusion detection/protection, next generation firewalls, email security, SSO/MFA solutions and security logging and alerting systems.

• One or more industry certifications are required such as CISSP, CISM, or CISA.

• Strong knowledge of HIPAA, NIST CSF, PCI, CIS frameworks.

• Prior experience planning, researching, and developing security processes and procedures.

• Strong knowledge of secure cloud practices and frameworks, specifically in AWS and Azure.

• Effectiveness in incident response and threat intelligence programs.

• Knowledge of secure application security best practices.

• Experience with change and incident management processes.

• Effective verbal and written communication skills are necessary to advise and consult with user personnel and make formal presentations of project findings and recommendations.

• Proven organization planning, transformational leadership and change agent abilities and experience.

• Demonstrated experience with commercial security technologies: Microsoft, AWS, Palo Alto.

Additional desirable qualifications:

• Excellent troubleshooting skills, self-motivated, results-driven and well organized.

Our commitment to you:

At ProfitSolv, we are committed to being a diverse and inclusive workplace as an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, age, national origin, protected veteran status, disability status, sexual orientation, gender identity or expression, marital status, genetic information, or any other characteristic protected by law. We embrace a diverse group of backgrounds and experiences to connect with clients, solve problems and innovate.