The 1199SEIU Benefit & Pension Funds provide comprehensive health, pension, and quality of life benefits to unionized workers represented by 1199SEIU United Healthcare Workers East. We are among the largest labor-management funds in the nation, covering 400,000 members and their families.
If you're ready for the brightest career future, join us in this excellent opportunity to showcase your talents. We are currently seeking an experienced Director for our Information Security department.
- Under the direction of the Chief Information Security Officer (CISO), the Information Security Director is responsible for managing the 1199 SEIU Funds Information Security Program, and leading the Information Security team in developing and monitoring practices to protect information and technical assets from unauthorized access and inappropriate alteration
- Oversee the design, implementation, and maintenance of systems and processes required to effectively detect, identify, and analyze security-related events in order to protect the Funds' information.
- Direct security management operations including incident-detect response, vulnerability resolution, threat analysis, internal/external penetration testing, and identity and access management
- Continuously evaluate the security functions of existing and proposed technologies to ensure security requirements are met and further developed
- Coordinate security responses of all systems, networks, and hardware/software architecture associated with security management
- Develop, maintain, and publish up-to-date security policies, standards and guidelines for the computing and networking systems
- Ensure compliance with security policies and standards and the various levels of classifications of information
- Provide assistance to all departments in the implementation of their security programs; assure consistency among departmental security program implementation
- Collaborate with solution providers, contractors and vendors to ensure compliance with service level agreements (SLAs)
- Provide information and training on the security policies and practices for Fund employees and contractors as needed
- Develop security organization talent, engaging/managing third parties as needed to ensure the required capabilities are available either internally or externally
- Facilitate information security governance by contributing to the implementation of a collaborative governance program
- Provide regular reporting on the current status of the security program to the CISO and senior leadership
- Facilitate a metrics and reporting framework to measure the efficiency and effectiveness of the program, facilitate appropriate resource allocation, and increase the maturity of the security
- Conducts research and keeps abreast of latest technologies and innovations in information security and monitors industry trends and threats.
- Keeps management aware of worldwide trends, threats, vulnerabilities, breaches and their potential impact on the Fund's systems
- Perform additional duties and projects as assigned by management
- Must meet performance standards including attendance and punctuality
- Bachelor's degree in Information Security, Information Technology or related field required; Master's degree preferred.
- Minimum of eight (8) years experience in Information Security; to include a minimum of six (6) years of leadership experience supervising professional staff required
- CISSP, GSEC or any other GIAC certification required
- Strong knowledge of the information security industry; specifically, for some of the following areas: mobility, cloud, detect-response/Security Incident and Event Management (SIEM), vulnerability management, penetration testing, encryption, threat analysis, data exfiltration analysis, data loss protection, application security testing, monitoring of firewalls including Web Application Firewall (WAF), Privileged Access Management (PAM), and Multi-Factor Authentication (MFA). Strong knowledge of National Institute of Standards and Technology (NIST) cybersecurity framework; and, working knowledge of ISO 27XXX series
- Strong knowledge of Health Insurance Portability and Accountability Act of 1996 (HIPAA); and, working knowledge of Payment Card Industry (PCI)
- Working knowledge of Microsoft Project and Microsoft Office tools, and Visio. Knowledge of security architecture and integration with Information Technology infrastructure
- Exceptional organizational, attention to detail and research skills
- Professional manner, excellent writing and verbal skills a must
- Strong project management skills required and ability to manage projects effectively
We offer a competitive salary, an excellent fully employer-paid comprehensive benefits package and talented professional colleagues. For consideration and to apply, please visit us at . Please mention you saw this ad in Ladders. We are an Equal Opportunity Employer.