Director of Security & Compliance - NYC metro area

Director of Security & Compliance - NYC metro area

**Growing Consultancy is currently seeking a Director of Security & Compliance to join their team in New York City metro area. Direct Hire. Local candidates preferred. WILL consider candidates who are open to relocation.**


  • Take full ownership of the security road map and manage all security related initiatives and projects
  • Responsible for the strategy & development for Governance, Risk & Compliance services
  • Certify that security programs are compliant with relevant international laws, regulations, and policies to minimize risk and audit findings
  • Design, document, report and implement technical information security processes, procedures, guidelines, and solutions
  • Provide security metrics based on best practices and defined key risk indicators
  • Effectively communicate the importance of information security through proactive security awareness and training (in a way that engages employees, partners, and/or clients to embrace and adopt changes)
  • Mentor and build a world class team of information security professionals

Skills/Education Preferred (not all required):

  • Ability to prioritize risks, provide recommendations and communicate effectively to both the business side and the technical side
  • Experience working in large scale enterprise environments
  • Advanced proficiency in analytical, organizational, project management, interpersonal and communication skills (verbal and written) both internally and externally
  • Ability to function at a high level in a fast paced, dynamic environment with competing priorities and multiple demands under tight deadlines
  • Hands-on technical capacity
  • Experience implementing regulatory compliance programs such as ISO, SOX, SOC, HIPAA, PCI, FISMA, FIPS, and comparable US and international standards
  • Adept at implementing security hardening techniques for entire enterprise-wide environments: database systems, web and application servers and all network infrastructures
  • Broad work experience with security incident response, disaster recovery, identity and access management, information privacy, security operations and security architecture, assessing security vulnerabilities (threat modeling and attack detection), application analysis, malware analysis, protocol analysis, debugging
  • Proven experience in managing engineers and security teams

Oscar Associates Limited (US) is acting as an Employment Agency in relation to this vacancy.