Associate Director-IT Security

As a Security leader with a background in AWS and cloud Security, you play a crucial role in defining and enforcing the security policies and procedures of the organization. With excellent written and verbal communication skills, exceptional organizational abilities, and expert-level proficiency in IT and Cloud Security, you will be responsible for architecting and implementing IT Security policies while reporting to the Director of Information Technology. In this full-time role, your essential duties and responsibilities include providing leadership and technology vision to the IT Security team, performing internal and external security audits, documenting, implementing, and monitoring adherence to IT security standards, as well as assessing and improving security metrics. You will work on enhancing security tools and operations, monitor and manage IDS, vulnerability scanning, and assessments, and serve as the Data Privacy Officer (DPO) for the company. Creating awareness within the company regarding Security, Privacy, and compliance requirements, ensuring security and privacy training for staff involved in data processing, conducting security and privacy audits, and serving as the point of contact between the company and clients for privacy controls are key aspects of your role. Additionally, you will be responsible for log aggregation and analysis, managing Anti-Virus software, addressing security and data breach-related incidents, and ensuring customer satisfaction while being accountable for individual product/project success and quality. To qualify for this position, you must hold certifications such as CISSP, Security+, or equivalent, along with having 10+ years of Cyber Security experience, 5+ years of IT management experience, 5+ years of AWS experience, and 3+ years of experience with Identity & Access Management tools. Your extensive experience with Linux & Windows Security administration, managing Cloud and Container Security, Network and Application penetration testing, vulnerability scanners, IDS, IPS deployment and monitoring, SIEM tools, security automation, incident response & management, vulnerability management, and patch management will be essential. Moreover, your role will involve ensuring organization efficiencies through continual improvement programs, representing the organization in inspections and audits, driving action plans to closure, conducting deep dive RCAs and ensuring CAPAs are closed, and maintaining a metrics-driven approach. Additional qualifications such as experience with monitoring tools like Datadog, Change Management, Configuration Management, Infrastructure as Code tools, hardening Operating Systems and Applications, endpoint security management, working in GxP environments, and familiarity with various practices will be beneficial. With no travel expectations, this role requires a dedicated and experienced professional who can effectively lead security operations and teams, prioritize security and privacy, and drive continuous improvement initiatives to enhance organizational security posture.,