Director of Information Security

Overview

On Site
Full Time

Skills

Legal
ISO/IEC 27001:2005
National Institute of Standards and Technology
FedRAMP
FOCUS
Cross-functional team
Design
Knowledge management
Continuous improvement
Automation
Problem solving
Roadmaps
Governance
Identity management
Policies
Status reports
Due diligence
Security awareness
Collaboration
As-is process
System on a chip
Payment card industry
Information Technology
Management
IT risk
Disaster recovery
Incident management
Planning
Testing
Data security
Regulatory Compliance
Field engineering
Computer science
Mathematics
Statistics
Management information systems
Operations research
Information systems
CISSP
Public speaking
Presentations
Communication
Organized
Customer service
Software engineering
Analytics
Cloud computing
Leadership
Data
Privacy
Risk management
Information security
Transformation
IT service management
Information management
Managed Print Services
MSP
Brand
Sustainability
Partnership
Law

Job Details

Overview

The Director of Information Security oversees the enterprise's security and is responsible for defining an information security program and roadmap that optimizes key controls to identify, prevent, detect, escalate, respond to and recover from information security related risks and incidents. The role will ensure that KM systems comply with all legal, regulatory, and industry requirements (e.g. JSOX, ISO 27001, NIST, FedRAMP, etc.), corporate policies, standards, and procedures. This position requires a strategic view with tactical execution and partnering across the organization to provide the highest levels of information security with equal focus on people, processes and technology.

Responsibilities

Lead and motivate a team of direct reports along with a cross-functional team to design, implement, and assess controls that protect KM's information and supporting technology platforms. The position is responsible for serving as the Security subject matter expert supporting processes, continuous improvement, corrective and preventive actions and driving automation of controls. This function includes, but is not limited to, independently performing complex and often unique work assignments and problem resolution within enterprise projects and functions.

Own Enterprise Information Security Program to drive risk mitigation, meet compliance requirements, and oversee operational controls

Develop and execute on tactical and strategic goals to ensure a comprehensive information security program and roadmap. Ensure that annual security and compliance goals are met

Implement standards, governance and security policies that reduce vulnerability

Ensure effective identity and access management (IAM) controls are deployed and used

Communicate information security policies, standards and guidelines across the company

Provide current status reporting of the information security program to the Executive Team

Respond to client and prospect due diligence/bid questionnaires and interviews.

Manage the people, processes and technologies that provide situational security awareness through the detection, containment, and remediation of IT threats

Ensure that ongoing penetration, vulnerability, disaster recovery, and data breach tests occur.

Collaborate with all areas of IT and Business led IT to mitigate vulnerabilities and implement security measures

Lead compliance efforts such as ISO 27000, SOC 2, PCI, FedRAMP and others

Integrate security into the development lifecycle for new solutions

Oversee the Information Security Committee

Apply risk management methods to information technology in order to manage IT risk

Protect integrity, availability, authenticity, non-repudiation and confidentiality of data

Work with internal auditors and outside advisors on required security assessments

Support and guide disaster recovery planning and testing

Lead security incident management including planning, testing, and remediation activities. Provide immediate response and action plans in the event of a data security threat or issue. Act as primary control point during significant information security incidents

Promote a data privacy culture by advocating best practices, advising associates on how to deliver compliance, and informing key stakeholders on their obligation to adhere to those laws when dealing with personal data

Qualifications

A Bachelor's Degree in a technical field (engineering, computer science, mathematics, statistics, management information systems, operations research, etc.) is required.

M.S. or M.B.A. is strongly preferred.

Certified Information Systems Security Professional (CISSP) - Strongly Desired

Experience working in a co-operation information security program.

Good public speaking and presentation skills and excellent written and verbal communication skills.

Interpersonal skills and ability to interact and work with staff at all levels.

Ability to work independently and in a team environment.

Ability to pay attention to details and be organized.

Ability to project professionalism and to handle multiple tasks in a fast-paced environment.

Commitment to "internal client" and customer service principles

Depth in modern technology stacks, specifically infrastructure, software engineering, data and analytics, and cloud - both public and "hybrid" models.

Has 10+ years of experience leading information security in a complex enterprise and possesses a strong understanding of data privacy and protection.

Demonstrated track record of information security transformation - A thought leader in the delivery of innovative cyber and risk management solutions through security rigor.

Understands the balance and nuances required to modernize information security capabilities in a hybrid technology environment with both legacy and modern technology practices and resources

About Us

Konica Minolta's journey started 150 years ago, with a vision to see and do things differently. We innovate for the good of society and the world. The same purpose that kept us moving then, keeps us moving now. Konica Minolta Business Solutions U.S.A., Inc. is reshaping and revolutionizing the workplace to achieve true connectivity through the . The company guides and supports its clients' digital transformation through its expansive office technology portfolio, including IT Services, intelligent information management, managed print services and industrial and commercial print solutions. Konica Minolta has been included on CRN's MSP 500 list nine times and The World Technology Awards named the company a finalist in the IT Software category. Konica Minolta has been recognized as the #1 Brand for Customer Loyalty in the MFP Office Copier Market by Brand Keys for sixteen consecutive years, and is proud to be ranked on the . The company received Keypoint Intelligence's BLI 2021 A3 Line of The Year Award and BLI 2021-2023 Most Color Consistent A3 Brand Award for its . Konica Minolta, Inc. has been named to the Dow Jones Sustainability World Index for nine consecutive years and has spent six years on the Global 100 Most Sustainable Corporations in the World . Konica Minolta partners with its clients to give shape to ideas and works to bring value to our society. For more information, please visit us and follow Konica Minolta on , , and .

EOE Statement

Konica Minolta is an equal opportunity and affirmative action employer. We consider all qualified applicants for employment without regard to race, color, religion, creed, national origin, sex, pregnancy, age, sexual orientation, transgender status, gender identity, disability, alienage or citizenship status, marital status or partnership status, genetic information, veteran status or any other characteristic protected under applicable law.