Director Of Information Security
United States, New York, New York
*Description*
Reporting to the SVP of Technology, the Director of Information Security is a key leadership role in enabling and maintaining a stable, scalable, and secure ecosystem while ensuring that our business and customer data is protected and available. This position is responsible for leading and managing all functions within the Information Security Program, which involves developing the strategic roadmap and overseeing the effective daily operations of the client's Security Program concerning Security Engineering, Operations, Governance, Risk, and Compliance. The Director of Information Security will drive the development and implementation of security controls, create security policies, manage vendor risks, raise cyber security awareness, monitor and respond to security incidents, and ensure data security, classification, and compliance are maintained. This position will also be responsible for the administration, implementation, and oversight of all IT Information Security and Data Protection strategies for the organization to ensure alignment with relevant laws, regulations, and industry standards.

*Job Responsibilities (primary and secondary duties):*

* Develop and execute the strategic roadmap for the security program, including security engineering, operations, governance, risk, and compliance, focusing on fostering a culture of accountability and customer service.
* Establish, implement, and oversee a comprehensive program to ensure the integrity, confidentiality, and availability of the client's data. This includes staying current on security trends and the threat landscape, as well as maintaining and enhancing existing cybersecurity tools.
* Create high-quality documentation for the strategic security vision, including blueprints, standards, and frameworks that align with business goals.
* Manage cybersecurity risks and ensure all security strategies align with relevant laws, regulations, and industry standards. This also involves overseeing cybersecurity compliance and leading security awareness and data privacy training programs.
* Act as the primary escalation point for all security incidents, including those involving third parties. Lead the response and containment efforts for any breaches and ensure that the organization can effectively detect, protect, respond, and recover from threats.
* Oversee information security projects, ensuring they are appropriately resourced and delivered on time, within scope, and on budget.
* Responsible for managing vendor risks as part of the Information Security Program. Actively engage with vendors to understand their security roadmaps, technology directions, and investments aimed at enhancing security capabilities.

*Job Requirements:*

*Experience:*

* 10+ years of progressive IT experience with at least 7 years in cybersecurity and 3+ years of management experience is required.
* Demonstrated expertise in implementing and defining IT control frameworks and security controls such as NIST CSF, CIS, and OWASP.
* Deep technical knowledge of modern hosting, computing, and data delivery platforms, with a strong emphasis on security, is a must.
* Proven ability to manage vendor relationships and govern third-party risks, ensuring their security practices align with organizational needs.
* Deep and hands-on expertise in Microsoft-based cloud security products and services is required, along with familiarity with other cloud environments like AWS.
* Proficiency with Data Loss Prevention (DLP) tools, including network, endpoint, and cloud-based solutions, is required. You must also have strong knowledge of cryptographic services and experience with the development of risk reduction strategies through technical and non-technical controls.
* Strong knowledge of EDR, MDR, vulnerability management, and penetration testing is essential. Experience with SIEM, IPS/IDS, and Threat Intelligence tools is required for monitoring and analysis. The ideal candidate must act as the primary escalation point for all security incidents, including those involving third parties, and lead the response and containment of any breaches.
* The ability to plan for and execute recovery procedures following a security incident is essential.
* A strong understanding of global data privacy regulations and guidelines, such as GDPR and CCPA, is critical.
* The ideal candidate must be skilled in drafting security standards, reference architectures, policies, procedures, and implementation guidelines.
* Demonstrated understanding of technological trends and developments in the areas of information security, risk management, compliance controls, and cybersecurity best practices.
* Experience in managing department budgets and recruiting staff is required.
* The ideal candidate must be able to dive deep with the team and provide hands-on guidance to ensure proper project delivery.

*Skills and Attributes:*

* The ability to articulate complex cybersecurity issues and recommendations to non-technical stakeholders is crucial. This is particularly important for gaining support and funding from leadership and for creating effective security awareness training programs.
* The ability to develop a strategic vision and roadmap for the security program that aligns with the client's overall business objectives. This goes beyond day-to-day technical tasks and requires forward-looking, high-level planning.
* Experience with project management methodologies like Agile or Waterfall, as well as the ability to manage scope, timelines, and budgets.
* The ability to collaborate effectively with different departments, including IT, legal, and operational teams, is critical for successful security implementation. The security leader must be seen as a partner, not a roadblock.
* Attention to detail is vital for drafting security policies, analyzing logs, and identifying potential vulnerabilities.
* The role requires excellent analytical skills to solve complex problems, especially during a security incident. The ability to perform root cause analysis (RCA) and develop effective remediation plans is a key skill.
* Experience with Identity Management and Active Directory supporting SSO and MFA, OAuth and SAML based authentication, role-based access control, and identity federation such as Okta, Entra ID, SailPoint, or similar platforms.
* Working knowledge of EDR/MDR and Endpoint Management platforms such as CrowdStrike, Sophos, SentinelOne, Microsoft Defender, or similar services.
* Experience with Vulnerability Management tools and ASV services such as Rapid7, Qualys, Tenable, or similar.
* Strong understanding of network protocols, firewalls, VPNs, IDS/IPS, and other common security technologies including Cisco, Meraki, Fortinet, Palo Alto, etc.
* Working knowledge of Email Security platforms such as CheckPoint, Proofpoint, Microsoft 365, Mimecast, or similar.
* Experience with GRC platforms to manage governance processes such as Drata, Vanta, OneTrust, or similar.
* Knowledge and practical application of auditing various information security/risk management frameworks.

*Skills*

IT Control Frameworks, NIST, Cloud Security, Azure, IAM, Data Loss Prevention, Security Operations, Vulnerability Management, Security Engineering, GRC, Leadership, Budgeting, Vendor Management

*Additional Skills & Qualifications*

*Education & Certifications:*

* Bachelor's degree in Engineering, Computer Science, or related field and/or related experience.
* Professional security management certification such as CISSP, CISM, CISA, CompTIA Security+, or other similar credentials, preferred.
*Experience Level*

Expert Level

*Pay and Benefits*

The pay range for this position is $145000.00 - $155000.00/yr.

Vacation, Personal & Sick Days

* 10-20 days' vacation depending on level and longevity
* 7 Sick/Personal days
* 24 Paid Office Holidays per year including the 4th of July week and December holiday week
* Summer Fridays
* Day off for Annual Physical Exam
* Bereavement & Jury Duty Leave
* Day off for Volunteering at an organization of your choice
* Up to 12 weeks of Maternity and Paternity Leave

Insurance and Retirement Plans

We are invested in not only our overall staff health but their future.

* Medical, Dental & Vision for staff and families
* Flexible Spending Account for Medical & Dependent Care Expenses
* Sponsored Health Reimbursement Account ($500 per year)
* Basic Life and AD&D Insurance
* Supplemental Life Insurance
* AFLAC Supplemental Insurance
* Salary Continuation
* Short-Term Disability
* Long-Term Disability
* 403(b) Retirement Plan
* 403(b) Employer Contribution
* Retirement Planning Assistance
* Commuter Reimbursement Program
* Pet Insurance

Growth and Development

We are committed to providing training, tools, and resources to help our staff learn specific knowledge and skills, to improve performance in their current and future roles. Ultimately, we focus on our staff growth and performance.

* In-office workshops and computer training
* Opportunity to attend conferences and industry events
* Tuition Reimbursement of $5,250 per calendar year
* Recognition Programs

Health & Wellness

We have a holistic wellness program, including physical and mental health services to help our staff stay healthy in all areas of life.
* Free Membership
* Plus-One Membership for friends or family members
* Free race entries
* Free Group and Virtual Training
* Free Access to Run Coach App
* Staff Drawings for marquee races and Abbott World Marathon Majors (AWMM)
* Citi Bike Subsidy
* Free Weekly Meditation, Zumba and Yoga classes
* Free Mental Health Counseling sessions, legal and family support services
* Free Grief Counseling
* Annual Health & Wellness Fair
* Softball, Soccer, Volleyball, and other company sports teams
* Participation in the J.P. Morgan Chase Corporate Challenge
* Corporate Fitness Memberships with Gympass and Crunch Corporate gyms
* Gym Reimbursement and up to $300 annual activity reward through Health Insurance
* In-Office Flu Shot Clinics
* Adjustable Standing Desks
* Wellness Room & Showers
* Vending Machine including healthy options
* Theraguns

*Workplace Type*

This is a hybrid position in New York, NY.

*Application Deadline*

This position is anticipated to close on Sep 19, 2025.

*About TEKsystems:*

We're partners in transformation. We help clients activate ideas and solutions to take advantage of a new world of opportunity. We are a team of 80,000 strong, working with over 6,000 clients, including 80% of the Fortune 500, across North America, Europe and Asia. As an industry leader in Full-Stack Technology Services, Talent Services, and real-world application, we work with progressive leaders to drive change. That's the power of true partnership. TEKsystems is an Allegis Group company.

The company is an equal opportunity employer and will consider all applications without regard to race, sex, age, color, religion, national origin, veteran status, disability, sexual orientation, gender identity, genetic information or any characteristic protected by law.

*About TEKsystems and TEKsystems Global Services*

We're a leading provider of business and technology services. We accelerate business transformation for our customers. Our expertise in strategy, design, execution and operations unlocks business value through a range of solutions. We're a team of 80,000 strong, working with over 6,000 customers, including 80% of the Fortune 500 across North America, Europe and Asia, who partner with us for our scale, full-stack capabilities and speed. We're strategic thinkers, hands-on collaborators, helping customers capitalize on change and master the momentum of technology. We're building tomorrow by delivering business outcomes and making positive impacts in our global communities. TEKsystems and TEKsystems Global Services are Allegis Group companies. Learn more at TEKsystems.com.