Director, IT Security

How you’ll make an impact:
The Director, IT Security will work inside Strata’s Information Technology group and lead all aspects of enterprise information security at Strata. This position reports directly to Strata’s Chief Information Security Officer and is an integral member of the IT leadership team. In this role, you will lead and develop the IT Security team to evolve with the changing threat landscape and regulatory requirements. We are looking for a candidate with a track record of providing strategic, forward-looking vision when designing solutions to achieve business goals and drive security excellence.  

• Lead, mentor, and coach the IT Security team. 
• Manage all aspects of IT Enterprise Security which includes but is not limited to infrastructure security, enterprise network, authentication and authorization, multifactor authentication, web content filtering, PKI, penetration testing, vulnerability management, and SIEM.  
• Participate in internal risk identification and management working alongside Strata’s Governance, Risk, and Compliance (GRC) team.  
• Advise on security risks and complications with public cloud providers and ensure Strata is compliant using these services.  
• Direct activities with external partners such as MSSPs, external penetration tests, and vendors.  
• Prioritize remediation of issues and findings documented in corrective and preventative action plans. 
• Update and track security metrics to be reported to the Strata Security and Risk committee.  
• Bolster the security operations team monitoring Strata’s overall security posture and response to alarms and misconfigurations.  
• Manage employee education activities including but not limited to security awareness training, phishing exercises, and social engineering. 
• Ownership of security and technical documentation including but not limited to procedure documentation, network/security diagrams, position papers/memos, and guides 
• Responsible for proactive licensing management and compliance with our vendors. This includes managing the procurement process as well as reviewing all 3rd party vendors for the organization. 
• Provide guidance on the ethical and security use of AI for productivity gains as well incorporating into products.  
• Manage the IT Enterprise Security budget and assist the CISO with the overall IT budget.  
• Engage with current and potential customers to answer questions and demonstrate Strata’s commitment to security through certifications, policies, and best practice architecture. 

What we’re looking for: 

• Minimum 12+ years of applied IT experience with a concentration in IT Security. 
• Security leadership experience working in a regulated industry such as HIPAA or SOX.  
• Knowledge of HITRUST, ISO27001, and SOC  
• Extensive experience translating business requirements into business solutions at the enterprise level.  
• Excellent communication skills including the ability to communicate complex technical issues to users with little technical background/expertise  
• Experience in implementing and maintaining performance standards, providing constructive feedback, and addressing performance issues in a timely and effective manner 
• Adept at maintaining a high level of responsiveness under pressure 
• Self-motivated with the ability to prioritize quickly and make decisions independently