Director of Information Security
Company: Boys and Girls Country of Houston, Inc
Location: Dallas
Posted on: November 13, 2024
Job Description:
At Bluebeam, we empower people to advance the way the world is
built. We create smart software solutions that make construction
sites more efficient, connected, and safe and improve the lives of
design and construction professionals everywhere.This position will
provide leadership and accountability for Bluebeam's information
security program. It is responsible and accountable for
establishing, planning, administering, and evaluating the overall
policies, goals, and procedures company-wide for the information
security program. Relevant, collaborative leadership experience,
proven execution ability, and technical cybersecurity competency
are key indicators of success for this role.Responsibilities:
- Defines and owns a multi-year cybersecurity roadmap and key
performance indicators focused on reducing cyber risk.
- Creates quarterly, annual, and long-term cybersecurity and
cyber risk management goals, articulates strategies, defines
metrics, and provides necessary updates to executive leadership and
the Security Steering Committee.
- Builds and inspires a highly skilled and diverse Security team.
Fosters a culture of trusted cross-functional partnership, service,
and continuous improvement.
- Partners with Product & Engineering leadership for the
development, planning, and execution of major security initiatives,
ensuring secure development and overall technology and security
planning in line with Bluebeam's product roadmap and R&D
innovations team.
- Oversees product review assessments and promotes the
implementation of security technologies.
- Collaborates with peer members of the greater global Nemetschek
security team and leads security initiatives for the US-based
brands to establish and promote appropriate security standards
throughout the Nemetschek Group and provides an effective
governance structure to ensure cyber compliance and
accountability.
- Mentors internal Bluebeam and Sister Brand security team
members.
- Leads Security Incident Responses, Vulnerability assessments,
Third Party Information Security assessments, Data Protection and
Encryption, Identity & Access Management, and Privileged User
Access to protect both customer and employee data.
- Coordinates responsive actions for disaster recovery, business
continuity, and incident response plans.
- Develops and coordinates response plans to ensure timely
response to information risk-related incidents.
- Builds and inspires a highly skilled and diverse GRC and
Privacy team, staying abreast of new regulations affecting the
business and driving a culture of compliance throughout the
organization.
- Partners with business stakeholders across Bluebeam and the
Nemetschek group to raise awareness of risk management concerns,
including advising system owners on the security posture of their
systems.
- Oversees the continued development and maintenance of
Bluebeam's processes, policies, and technical controls in support
of certifications programs and continual compliance with ISO/IEC
27001/2, SOC 2, and applicable privacy regulations and ensures
ongoing compliance thereof.Qualifications:--- 10+ years of
enterprise cybersecurity or relevant technology/risk management
experience--- 3+ years of experience directing the activities of
other managers running information security teams--- 2+ years of
experience in GRC and data privacy regulations--- Hands-on
experience leading one or more of the following functions is
required: GLBA/privacy, third-party risk management, cyber
resilience planning/response, strategy/board reporting---
Demonstrated experience in cloud and mobile technologies, including
multi-tenancy data storage preferably with AWS infrastructures.---
Demonstrated experience in establishing and maintaining common
security frameworks (SOC2, ISO27001, NIST)--- Broad, current
knowledge of regulatory and voluntary standards-based compliance
related to cloud and mobile applications and data confidentiality
(e.g. CCPA, GDPR, PCI, SOC2, ISO 27001) and experience implementing
and fostering compliance maturity.--- Experience with
software-as-a-service companies and securing cloud
architectures.--- Exceptional communication skills, including
written deliverables, oral presentations, and the ability to
facilitate crucial conversations at all levels of the
organization.--- Track record of leading enterprise projects and
cross-functional initiatives to success, on time, and within
budget.Compensation:--- People-focused, entrepreneurial start-up
culture with the backing of a stable, global, corporate entity -
Nemetschek--- Competitive compensation and benefits package
(medical, dental, education reimbursement, 401k, wellness
resources)--- Work-life balance fostered through a culture of
diversity, inclusion, and appreciation of individual lifestyle
needs--- You will have the opportunity for continuous professional
development
#J-18808-Ljbffr
Keywords: Boys and Girls Country of Houston, Inc, Mansfield , Director of Information Security, Executive , Dallas, Texas
Didn't find what you're looking for? Search again!
Loading more jobs...