Description of Service Lines: Results' current client portfolio consists of 82 Partners across various industries inclusive of the following:
• Healthcare
• Insurance
• Wireless Telecommunications
• Financial Services
• Energy
• Education
• Subscriber Based Entertainment
• Tax Services
• Retail
• Cable/MSO
Vision Statement
Our vision is to be the premier global Customer Experience Provider for Fortune 500 companies; to become the benchmark for brand advocacy and service excellence and the transparent provider of choice for customers around the world.
Driven by our "expect greater" commitment to our customers and communities, we aspire to exceed expectations through the brilliance and unyielding passion of our people.
The Company is an equal opportunity and affirmative action employer and will consider all qualified applicants without regard to race, color, religion, national origin, sex, sexual orientation, gender identity, age, disability, veteran status or any other protected factors under federal, state or local law.
Position Overview
The Director of Information Security is responsible for leadership, oversight and administration of the information security program as defined by Corporate Policy in alignment with internal and external compliance and security standards. This includes implementation and management of all aspects of the program to identify, assess, measure, manage, monitor and report information security risks. This role will manage a team of security engineers, analysts and third party providers as well as the Incident Management and Response processes. In addition, this role will act as the primary interface for internal and external clients on IT Security related topics including audit support, risk mitigation, corrective action plan design and policy development.
Duties and Responsibilities
- Stays up to date on current and future security technology and trends and acts as a key advisor to align business and security
- Monitors and routinely audits compliance to all information security procedures and policies, and ensures consistency of internal controls across departments.
- Participates in review of relevant Information Security aspects of RFP, Contract, Policy and Process documentation
- Act as primary interface for client and third party IT security audits providing oversight and guidance and ensuring compliance
- Owns and maintains PCI compliance and the IT Security related portions of HiTrust, HIPPA and SOC compliance standards to ensure standards are met in an ongoing compliant manner
- Assist other IT teams in system and software architecture and design to ensure that assets and implementations are appropriately secure at all times
- Works closely with the internal Risk and Compliance team to perform risk assessments in the IT Infrastructure space to identify and mitigate potential gaps
- Works closely with client and other 3rd party auditors build and execute corrective action plans
- Manages the ongoing vulnerability scanning and assessment process and partners with other IT teams to resolve vulnerabilities in a timely manner to maintain compliance
- Manages team of engineers and analysts tasked with management of security tools, systems and processes including - Logging / IDS / IPS / Endpoint Protection / Webfiltering and Proxy / MDM / DLP / Vulnerability Assessment as well as IM and IR responsibilities.
- Provides oversight, guidance and development of requirements for vendor selection for new and replacement technologies within the IT Security footprint
- Acts as a Project Manager for implementation of new technologies within the IT Security footprint
- Manages and maintains annual budget for the IT Security department
- Manages and maintains a 3-5 year roadmap for future technology in alignment with global IT and corporate roadmap
- Stays current on threats applicable to The Results Companies environment and brand, and recommends mitigating actions or risk-reduction configurations or solutions
- Identifies and incorporates opportunities for improvements to the Security and Compliance program, and communicates such opportunities effectively to management
- Interfaces with operations management and user community to understand business needs and implement security practices to accommodate them while maintaining security compliance
- Assists with Security Awareness program and ensures that user community understands and adheres to necessary procedures to maintain security
Qualifications
- Ability to Travel both Domestically and Internationally as needed, approximate 20%
- Bachelor's degree from a four-year College or University in Computer Science or related field, or the equivalent combination of Education, Training, or Work experience
- Minimum 5 years IT or Security Management experience
- CISSP, CISM or GSEC Security Certification
- Expert at managing and maintaining PCI compliance across a globally diverse infrastructure
- Experience with HIPPA, HiTrust, GDPR and SOC compliance standards
- In-depth knowledge of security best practices (encryption, data protection, design, privilege access, etc.)
- Experience with managing and implementing standard Security toolsets (Logging, IDS, FIM, SIEM, DLP, MDM, AV)
- Knowledge of Virtualization Software and Technologies
- Knowledge of networks technologies (protocols, design concepts, access control)
- Proficiency in time management, decision making, and organizational skills
- Excellent written and verbal communications
- Proficiency in planning, reporting, establishing goals and objectives, standards, priorities and schedules
- Intelligent and persuasive leader who is able to communicate security-related concepts to a broad range of technical and non-technical staff.
- Contact center or BPO related experience
- Experience managing outsourced security providers
The Results Companies is an Equal Opportunity Employer M/F/Vets/Disability