Director of Enterprise Information Security
We are the global test and automation specialists, powering next-generation technologies through sophisticated solutions. Behind every electronic device you use, Teradyne's test technology ensures your device works right the first time, every time. Our portfolio of automation solutions helps manufacturers to develop and deliver products quickly, efficiently, and cost-effectively. Together, Teradyne companies deliver manufacturing automation across industries and applications around the world. The Director of Enterprise Information Security is a critical member of the chief information security officer's (CISO's) team. The role is to act as an interface between the CISO's strategic and process-based activities and the work of the IT organization. The Director must be able to translate the IT-risk requirements and constraints of the business into technical control requirements and specifications, as well as develop metrics for ongoing performance measurement and reporting. The Director coordinates the IT organization's technical activities to implement and manage security infrastructure, and to provide regular status and service-level reports to management. The Director is a leadership role that requires an individual with a strong technical background, as well as an ability to work with the IT organization and business management to align priorities and plans with key business objectives. The Director will act as an empowered representative of the CISO during IT planning initiatives to ensure that security measures are incorporated into strategic IT plans and that service expectations are clearly defined. The Director will also be responsible for working with business and IT stakeholders to balance real-world risks with business drivers such as speed, agility, flexibility, and performance. Expertise in leading project teams and developing and managing projects is essential for success in this role. In addition to supporting the CISO's policies and strategies, the Director must be able to prioritize work efforts -- balancing operational tasks with longer-term strategic security efforts. Other project management tasks will include resource balancing across multiple IT and security teams, task prioritizing and project reporting. Vendor relationship management -- ensuring that service levels and vendor obligations are met -- is also an important aspect of the position. Key
Responsibilities:
Strategic support o Work with the CISO to develop a security program and security projects that address identified risks and business security requirements. o Manage the process of gathering, analyzing and assessing the current and future threat landscape, as well as providing the CISO with a realistic overview of risks and threats in the enterprise environment. o Work with the CISO to develop budget projections based on short- and long-term goals and objectives. o Monitor and report on compliance with security policies, as well as the enforcement of policies within the IT department. o Propose changes to existing policies and procedures to ensure operating efficiency and regulatory compliance. o Manage a staff of information security professionals, hire and train new staff, conduct performance reviews, and provide leadership and coaching, including technical and personal development programs for team members. Architecture/engineering support o Ensure that security is factored into the evaluation, selection, installation and configuration of hardware, applications, and software. o Recommend and coordinate the implementation of technical controls to support and enforce defined security policies. o Research, evaluate, design, test, recommend or plan the implementation of new or updated information security hardware or software, and analyze its impact on the existing environment; provide technical and managerial expertise for the administration of security tools. Operational support o Coordinate, measure, and report on the technical aspects of security management. o Manage outsourced vendors that provide information security functions for compliance with contracted service-level agreements. o Manage and coordinate operational components of incident management, including detection, response, and reporting. o Assist and guide the disaster recovery planning team in the selection of recovery strategies and the development, testing and maintenance of disaster recovery plans. o Design, coordinate and oversee security testing procedures to verify the security of systems, networks and applications, and manage the remediation of identified risks. Qualifications and Requirements:
o A bachelor's degree in information systems or equivalent work experience; an M.B.A. or M.S. in information security is preferred. o A minimum of seven years of IT experience, with five years in an information security role and at least two years in a supervisory capacity. o Team player with great interpersonal, communication and presentation skills. o The ability to interact with Teradyne personnel, build strong relationships at all levels. o A strong understanding of the business impact of security tools, technologies, and policies. o Strong leadership abilities, with the capability to develop and guide information security team members. o Strong project management skills and experience. o Experience in system technology security testing (vulnerability scanning and penetration testing). Preferred
Qualifications:
o Certification / experience in business methodologies (e.g. Six Sigma), architecture methods (e.g. TOGAF, Zachman, FEAF, DODAF) and IT Service Management methods (e.g. COBIT, ITIL) a plus o CISSP certification Location & Travel:
o North Reading, Massachusetts or remote o Ability to travel up to 1 week per quarter globally
Salary Range:
$200K -- $250K
Minimum Qualification
System & Network Administration, IT SecurityEstimated Salary: $20 to $28 per hour based on qualifications.
Responsibilities:
Strategic support o Work with the CISO to develop a security program and security projects that address identified risks and business security requirements. o Manage the process of gathering, analyzing and assessing the current and future threat landscape, as well as providing the CISO with a realistic overview of risks and threats in the enterprise environment. o Work with the CISO to develop budget projections based on short- and long-term goals and objectives. o Monitor and report on compliance with security policies, as well as the enforcement of policies within the IT department. o Propose changes to existing policies and procedures to ensure operating efficiency and regulatory compliance. o Manage a staff of information security professionals, hire and train new staff, conduct performance reviews, and provide leadership and coaching, including technical and personal development programs for team members. Architecture/engineering support o Ensure that security is factored into the evaluation, selection, installation and configuration of hardware, applications, and software. o Recommend and coordinate the implementation of technical controls to support and enforce defined security policies. o Research, evaluate, design, test, recommend or plan the implementation of new or updated information security hardware or software, and analyze its impact on the existing environment; provide technical and managerial expertise for the administration of security tools. Operational support o Coordinate, measure, and report on the technical aspects of security management. o Manage outsourced vendors that provide information security functions for compliance with contracted service-level agreements. o Manage and coordinate operational components of incident management, including detection, response, and reporting. o Assist and guide the disaster recovery planning team in the selection of recovery strategies and the development, testing and maintenance of disaster recovery plans. o Design, coordinate and oversee security testing procedures to verify the security of systems, networks and applications, and manage the remediation of identified risks. Qualifications and Requirements:
o A bachelor's degree in information systems or equivalent work experience; an M.B.A. or M.S. in information security is preferred. o A minimum of seven years of IT experience, with five years in an information security role and at least two years in a supervisory capacity. o Team player with great interpersonal, communication and presentation skills. o The ability to interact with Teradyne personnel, build strong relationships at all levels. o A strong understanding of the business impact of security tools, technologies, and policies. o Strong leadership abilities, with the capability to develop and guide information security team members. o Strong project management skills and experience. o Experience in system technology security testing (vulnerability scanning and penetration testing). Preferred
Qualifications:
o Certification / experience in business methodologies (e.g. Six Sigma), architecture methods (e.g. TOGAF, Zachman, FEAF, DODAF) and IT Service Management methods (e.g. COBIT, ITIL) a plus o CISSP certification Location & Travel:
o North Reading, Massachusetts or remote o Ability to travel up to 1 week per quarter globally
Salary Range:
$200K -- $250K
Minimum Qualification
System & Network Administration, IT SecurityEstimated Salary: $20 to $28 per hour based on qualifications.
|
|
 | |
