DIRECTOR, ENGINEERING - DEV SHARED
Sphera, the former Operational Excellence and Risk Management business of IHS Inc. is a leading global provider of enterprise software and services that enables companies to manage and optimize their environmental, health, safety and sustainability processes. Our software allows customers to automate processes, monitor emissions, ensure regulatory compliance, and track chemical inventory throughout a manufacturing cycle. We were recently spun off by IHS and acquired by Genstar Capital, essentially positioning us as a start-up tech company with $100 million in annual revenue and over 3000 customers in 70+ countries.
At Sphera, it is more than just a job. If you are looking to help change the world and challenge status quo while growing your career, you might find some interesting opportunities to pursue whether for you or to refer a colleague.
Director, Information Security and
Compliance
Sphera is seeking a Director of
Information Security that will be responsible for expanding and maintaining an
Information Security Program that contains the following directives:
Policy
development and policy enforcementOrganization wide
risk managementCompliance and regulatory
requirements that align with current organizational risk posture
Responsibilities:
Self-starter,
able to drive tasks to completion independently.Execute strategic
comprehensive enterprise information security program directives and plans to
ensure the confidentiality, integrity, and availability of Sphera DataCollaborate
with business and functional leadership to identify information security risks
and build treatment plans that result in risks reduced to acceptable levels.Develop and
maintain information security policies, standards, guidelines.Direct the design
and deployment of security controls to meet risks facing the organization.
Provide
leadership and guidance on information security topics, advising and
collaborating on security processes, business continuity, and disaster recovery
plans.Identify and
manage system and application security risks and build processes and controls
to enhance security.Lead
investigations of any actual or potential information security violations and
manage escalation of security events; assist with related legal matters
associated with such events as needed and make recommendations to correct or prevent
future incidents.Establish and
manage metrics and reporting framework to measure the efficiency,
effectiveness, and maturity level of the program.Liaise with
relevant business units (such as Internal Audit, Law, Finance, Safety &
Security, Risk Management, HR teams), and external agencies as needed to ensure
that maintains a strong security posture.Work with system
administrators and application developers to audit, monitor and validate their
environment’s/application’s security, including conducting gap analysis and
other comprehensive internal assessments of existing systems to improve the
security infrastructure and mitigate risks.Provide oversight
to the architecture and engineering of new security systems; including the
evaluation of technical designs.Validate the
effectiveness of security controls within the organization.Research
commercial and open source solutions to determine the effectiveness within the
environment.
Qualifications:
Type
of Education Required
Bachelor’s or Master’s Degree in
Computer Science, Information Systems, or other related field.CISSP Certification Preferred.
Type of Experience and Number of Years
Minimum
of seven (7) years’ experience in an Information Security.
Sphera is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, age, gender identity, sexual orientation, marital status, parental status, religion, sex, national origin, disability, veteran status and other legally protected characteristics.