Information Security Director jobs in Yonkers, NY

Your role:

Global Relay is seeking a Director, Information Security to act as the organization’s trusted security resource. You will work closely with a variety of stakeholders including our commercial teams, Development and Engineering teams, and Operations team on all security-related matters.  

Reporting to the Chief Information Security Officer (CISO), you will play a key role in ensuring the successful implementation and completion of security initiatives alongside Global Relay’s business objectives. You will be Global Relay’s expert in its security practices and provide guidance on ever evolving security challenges and convey our Information Security strategy to our global customers and employees with confidence. You will lead a diverse, global team of security professionals to ensure Global Relay can scale its security program along with its expected growth.

Your job:

• Work with the CISO to provide senior level direction for our overall security program
• Constantly reinforce the security-minded culture of Global Relay to ensure it is the first and foremost focus across the business while working closely with the Heads of IT, Product Development, and Engineering to ensure constant alignment of the roadmap
• Foster a culture of security across Global Relay through staff training, documentation, and enforcing accountability at all levels
• Develop and execute strategic security programs that align with company goals and protect Global Relay’s information assets
• Manage a growing team, mentor and guide the development of the Cyber Security team to support career growth
• Provide regular reports with senior stakeholders on Global Relay’s cyber security standing, identified risks, and mitigation strategies
• Provide initiative, direction, and project management to staff in support of our key security goals and objectives and be able to solve the problems encountered in a collaborative fashion
• Act as a liaison between the security team, senior stakeholders, and customers
• Be the main point of contact for various security audits and customer audits (ISO 27001, SOC2, Penetration testing, customer audits, etc.)
• Drive ISO 27001 practices for Global Relay’s ISMS and look for constant areas of improvement
• Maintain alignment with security industry standards through successful ISO 27001 and SOC 2 audit outcomes
• Constantly conduct evaluations of Global Relay’s security measures, identify vulnerabilities, and make recommendations to reduce risk in a cycle of continuous improvement
• Perform risk assessment reviews and see all security requirements through to completion related to key acquisitions of software and/or services as a part of the Global Relay Vendor Success (procurement) process
• Supervise all incident response planning and investigations of non-compliance, if any; provide support for any disciplinary and legal matters associated with instances of non-compliances, if any, as necessary
• Continue to develop and deliver an Information Security Awareness program for Global Relay
• Other ad hoc analyses and InfoSec project work as required

About you:

• 10 years of experience in technology and 5 years of experience in operational security
• 5 years of managing technical teams
• Experience with the management of an information security management system (ISMS) within a fast-paced and growing international organization
• Demonstrated ability to effectively lead and work with a diverse team by using effective communication skills
• Strong knowledge of cybersecurity principles, frameworks (e.g., NIST, ISO 27001), and regulations (e.g., GDPR, CCPA) required
• Track record of successful implementation and management of ISO 27001 certifications and SOC 2 reports
• Background in information security technologies (e.g. industry standard operating environments, security tools, vulnerability management, enterprise SIEM tools, penetration testing, malware detection)
• Certification in one or more areas of security expertise, such as CISSP, CISA, or Certified Information Security Manager (CISM)
• Excellent verbal and written communication skills, with the ability to convey concepts to both technical and non-technical stakeholders and customers
• Ability to exercise integrity, tact and discretion in handling sensitive and confidential information
• Excellent organization skills with the ability to prioritize and multitask
• Strong analytical and problem-solving skills