---------------------------------------------------
SECURITYFOCUS JOBS - NEW OPPORTUNITY
---------------------------------------------------
JOB DESCRIPTION
---------------------------------------------------
Position: Director of Privacy and Security
Location: Louisville, Kentucky, United States
Type: Permanent F/T
Closing Date: 2006-03-27
IT Risk Management and Compliance
Southeastern U.S. -- Local (Southeastern region) candidates preferred;
relocation assistance available
We are looking for an innovative and visionary information leader who can take
the lead role in developing an integrated risk and compliance management
program. The successful candidate will have a firm grasp of the technology
risks facing large companies today and will have an in-depth expertise and
experience managing IT compliance requirements for a large publicly-traded
company. In particular, successful candidate must have a proven track record
of developing and implementing common compliance requirements across the IT
organization, including demonstrated success in analyzing, assessing, and
reporting compliance with such requirements.
COMPENSATION: Compensation package includes a competitive based salary,
currently targeted between $85 to $100K plus up to 10% performance-based bonus.
Actual salary will be determined based on the successful candidate’s
relevant experience and salary history. (Please include compensation history
in your response.)
JOB REQUIREMENTS
---------------------------------------------------
Requirements: the successful candidate for IT Risk Management & Compliance
will have the following minimum qualifications and experience:
• Bachelor's Degree, in IT, Computer Science, Business or related field.
MBA Preferred.
• Strong verbal and communication skills, and interpersonal skills,
including:
o Demonstrated ability to develop and sustain key partnerships at all
levels
o proven executive presence as evidenced by successful interactions with
the senior leadership team
• Ability to influence / win support across a highly diverse cross
functional ‘virtual’ team
• Excellent project and time management skills
• Demonstrated ability to understand and translate the needs of the
business into appropriate IT, security, and compliance requirements.
• Demonstrated ability to develop a comprehensive information security
strategy and a comprehensive information security risk management program
focused on the needs of the business and centered around the real business
risks presented by information, privacy and compliance, and technology
considerations
• Familiarity with the IT Compliance Institute's Common Compliance
Framework, e.g.
o strong knowledge of interrelation of various regulatory requirements,
including CobiT and ISO17799
o Assessment of information security controls using CobiT or CMM
framework.
o CISSP, CISA or CISM certification
• Experience managing SOX 404 IT compliance, including IT SOX general
controls, development of test plans, and execution or oversight of SOX testing,
and clear understanding of SOX, vis a vis FAQs, SEC guidance, public accounting
audits, etc.
• Experience managing a broad range of compliance requirements, e.g.:
SOX, PCAOB Auditing Standard #2 HIPAA, GLBA, Visa PCI Data Security Standard
(CISP), CMS, state breach/notification laws (such as CA SB 1386), and state DOI
requirements.
Preferred: IT Audit experience; ITIL; Certified Risk Manager designation
CONTACT
---------------------------------------------------
TO APPLY: Please refer to “IT Risk Mgmt&Comply-SecurityFocusOnline”
and include your compensation history when forwarding your resume to
Resumes@BolandGroup.com
Retained Search Firm
Ann Boland
President
Resumes@BolandGroup.com
---------------------------------------------------
SECURITYFOCUS JOBS
---------------------------------------------------
SecurityFocus now offers an online interface for
searching and managing job opportunities and resumes.
http://www.securityfocus.com/jobs
