Position: Director Information Security
Location: Boston, MA (Hybrid)
Duration: 6 Months (Contract)
Qualifications:
• BS degree required in Computer Science, Information Systems, Business, Management, or related field.
• Ten or more years of work experience, preferably in information security or IT management and ideally a combination of the two.
• Five or more years of progressive leadership experience in leading cross-functional teams and enterprise-wide programs, operating and influencing, effectively across the organization and within complex contexts
• Strong interpersonal skills. Ability to work across business lines at senior levels to influence and effect change to achieve common goals.
• Demonstrated leadership. A proven track record of successfully leading complex, multidisciplinary talent teams in new endeavors and delivering solutions.
• Strategic technology planning experience. Experience in strategic technology planning and execution, as well as policy development and maintenance.
• Analytical skills. Outstanding analytical and problem-solving abilities.
• Ability to effectively guide and sustain people, process, and technology change in a dynamic and complex operating environment.
• Seriousness or presence ("gravitas") to develop a risk management program, as well as to sell and embed it in all levels of the business.
• Fearlessness in suggesting or backing big ideas. Tenacity in focusing the information security process.
• Excellent oral and written communication skills. These skills will be used to explain security concepts and technologies to business leaders, and business concepts to technologists; and to sell ideas and processes internally at all levels.
• A strong understanding of the business impact of security tools, technologies, and policies.
• Experience with Identity and Access Management programs and prior experience leading IAM teams.
Key Responsibilities & Accountabilities:
60% of time
• Assumes responsibility for planning, design, and implementation of the information security program, risk and compliance, and identity and access management
• Balances equally the challenges that weigh on the business and the user, recognizing and communicating how each impacts risk, usability, and user experience
• Initiates communication with members of other departments and other members of development to ensure effective implementation
• Meets with project leadership, and other stakeholders to present and build support and agreement around their technical points-of-view
• Assists in the strategy through estimation exercises, staffing requests, and/or presentations
• Strong debugging and problem-solving skills
• Ability to work in a highly collaborative, team-based environment
• Effectively prioritize workload to meet deadlines and work objectives. Uses resources effectively and efficiently. Is reliable in work habits. Able to organize and self-direct execution of tasks/duties
20% of Time
• Coordinate, measure, and report on the technical aspects of security program.
• Lead security projects and provide expert guidance on security matters for other IT projects.
• Manage outsourced vendors that provide information security functions for compliance with contracted service-level agreements.
20% of time
Manages and provides ongoing coaching and mentoring to OIS staff.
• Acts as the organizational change agent for improving OIS’s maturity and practices, in support of ITS and University goals and strategy
• Sets and accomplishes challenging goals
• Develops plans that meet the architecture/technology needs of the organization, incorporating business priorities, strategies, goals, emerging technologies, industry trends and economic viability