Sphera, the former Operational Excellence and Risk Management business of IHS Inc. is a leading global provider of enterprise software and services that enables companies to manage and optimize their environmental, health, safety and sustainability processes. Our software allows customers to automate processes, monitor emissions, ensure regulatory compliance, and track chemical inventory throughout a manufacturing cycle. We were recently spun off by IHS and acquired by Genstar Capital, essentially positioning us as a start-up tech company with $100 million in annual revenue and over 3000 customers in 70+ countries.

At Sphera, it is more than just a job.  If you are looking to help change the world and challenge status quo while growing your career, you might find some interesting opportunities to pursue whether for you or to refer a colleague.

Director, Information Security and
Compliance

Sphera is seeking a Director of
Information Security that will be responsible for expanding and maintaining an
Information Security Program that contains the following directives:

• Policy
  development and policy enforcement

• Organization wide
  risk management

• Compliance and regulatory
  requirements that align with current organizational risk posture

Responsibilities:

• Self-starter,
  able to drive tasks to completion independently.

• Execute strategic
  comprehensive enterprise information security program directives and plans to
  ensure the confidentiality, integrity, and availability of Sphera Data

• Collaborate
  with business and functional leadership to identify information security risks
  and build treatment plans that result in risks reduced to acceptable levels.

• Develop and
  maintain information security policies, standards, guidelines.

• Direct the design
  and deployment of security controls to meet risks facing the organization.

• Provide
  leadership and guidance on information security topics, advising and
  collaborating on security processes, business continuity, and disaster recovery
  plans.

• Identify and
  manage system and application security risks and build processes and controls
  to enhance security.

• Lead
  investigations of any actual or potential information security violations and
  manage escalation of security events; assist with related legal matters
  associated with such events as needed and make recommendations to correct or prevent
  future incidents.

• Establish and
  manage metrics and reporting framework to measure the efficiency,
  effectiveness, and maturity level of the program.

• Liaise with
  relevant business units (such as Internal Audit, Law, Finance, Safety &
  Security, Risk Management, HR teams), and external agencies as needed to ensure
  that maintains a strong security posture.

• Work with system
  administrators and application developers to audit, monitor and validate their
  environment’s/application’s security, including conducting gap analysis and
  other comprehensive internal assessments of existing systems to improve the
  security infrastructure and mitigate risks.

• Provide oversight
  to the architecture and engineering of new security systems; including the
  evaluation of technical designs.

• Validate the
  effectiveness of security controls within the organization.

• Research
  commercial and open source solutions to determine the effectiveness within the
  environment.

Qualifications:

Type
of Education Required

Bachelor’s or Master’s Degree in
Computer Science, Information Systems, or other related field.CISSP Certification Preferred.

Type of Experience and Number of Years

Minimum
of seven (7) years’ experience in an Information Security.

Sphera is an equal opportunity employer.  We evaluate qualified applicants without regard to race, color, age, gender identity, sexual orientation, marital status, parental status, religion, sex, national origin, disability, veteran status and other legally protected characteristics.