Provide effective leadership, strategic and technical vision for the Information Security department.  Assure the appropriate level of technology, staffing, skill levels, and processes required to deliver high-level information security policies, procedures and solutions to ensure the confidentiality and integrity of internal and customer assets.  Lead initiatives to identify and resolve information security issues.  Develop and recommend adjustments to policies and ensures strong continuing education regarding information security.  Work with leaders and staff within a business unit to establish short and long-term business plans and objectives.  Build, develop, and maintain relationships with internal and external customers, and vendors to formulate solutions to company and customer system issues related to information security.  Clearly communicates business unit/department goals to staff and works with staff to translate them into specific performance goals.  Direct activities targeting the adoption and implementation of ISO 17799 compliant processes. Make recommendations regarding hiring and retention of staff and assign, motivate, evaluate, train and counsel assigned staff. Gain commitment of management to support and fund new programs and development.  Job requires a Bachelor degree in Information Systems, Information Security or related field or an equivalent combination of education and experience from which comparable knowledge and skills may be obtained; ten or more years of experience demonstrated management and leadership of teams of 20 or more individuals, hands-on computer security experience

Additional Specifications

The Information Security Director studies and understands business needs, leads strategy sessions, understands technology limitations/features and sets expectations, including designing and engineering the implementation of new strategic tools for the Total Access Control initiative.  Engineering of the solution will include hardware, OS, databases, n-tier components, and interactions between all components, new releases and migration impacts. The Information Security Director’s main responsibility will be to act as the Chief Engineer when reviewing all aspects of security projects including implementing new systems, integrating existing and new systems, and redesigning existing systems to work in new ways by re-architecting or re-engineering their purpose.

The Information Security Director:
- Researches new features, software and tools
- Prepares, oversees and coordinates database and application designs
- Inspects database solutions
- Creates and enforces development standards and processes (coding, naming, data access, documentation)
- Creates and enforces architectural and engineering standards for security, availability, replication, storage and configuration management
- Creates and enforces design and development standards and will be responsible for reviewing designs and hosting code review sessions
- Key contributor to logical & physical data models when needed
- Ensures Metadata is properly defined (data sources, business rules, data rules, extract rules, transformations)
- Sets ETL standards
- Ensures consistency across implementations (conformed dimensions, data cleansing, data integrity, data quality)
- Defines data archive/purge standards
- Prepares presentations and whitepapers
- Will work with Project Manager to ensure all tasks of the project plan are documented and tracked.

The ideal candidate will possess the following credentials:
- Bachelor's degree in Computer Science, Engineering, or related discipline, or equivalent extensive and related experience.
- 7 years of experience in the development of distributed, mission critical applications in heterogeneous environments/architectures for multi-user systems.
- 5 years of technical leadership and architecture and engineering experience.
- Strong ability to develop technical specifications.
- Solid experiences in relational databases (DB2, Oracle, SQL Server) and database scripting (e.g. PL/SQL).
- Experience with and a solid understanding of directories including X.500 and LDAP standards
- Experience and knowledge of security encryption methods.
- Understanding and experience with identity management, access management & recertification methods, password vaulting, centralized authorization mechanisms and security methodologies in general
- Understanding of certification practices related to security access.
- Experience and understanding of role based access and role mining.
- Solid understanding of mechanisms required for satisfying architectural attributes for a system and correlating those requirements into engineered solutions.
- Strong leadership capabilities.
- Strong written and verbal communications skills
- Have an aptitude to learn and apply new technologies.
- Ability to interact and communicate effectively with internal and external clients as needed to clarify business, operational, or technical requirements.
- CISSP certification a plus but not required.
- Candidates with experience in Financial Services industry knowledge a plus!

** If you are interested in this opportunity please email a copy of your resume to kate@altaassociates.com**