The Director of Information Security, reporting to the Head of IT, will ensure security requirements are consistently practiced, improve compliance with security standards and policies globally and own design and enforcement of global information security standards. You will have a broad technical background, a solid grasp of cloud technologies and the courage to most insistent advocate for security and privacy in the company.

What You Will Do:

Define network security, infrastructure hardening, monitoring, and breach detection infrastructure

Own global compliance with GDPR, ISO, SOC and CCPA and all data and security compliance issues.

Oversee internal and external IT audits, scans, vulnerability testing, and mitigation.

Design, implement and continuously update security requirements, policies and standards for all of OPSWAT, including privileged account access, management, control, and monitoring standards.

Manage secure, consistent change management and deployment practices in an enterprise environment.

Implement security awareness training programs.

Design and approve of platform, application, storage, network, virtualization, cloud and mobile security standards and methodologies.

Develop technical designs for a project to meet information security requirements based on approved security architectures/design patterns.

Develop, review, and approve the installation requirements for LANs, WANs, VPNs, routers, firewalls, and related network devices.

Perform additional duties as assigned.

What You Should Have:

Bachelor's degree in Technology, Legal, Computer Science/Engineering, Cyber security, or related field/experience.

7+ years of working experience in an cloud environments.

4+ years of experience in cyber security.

Deep understanding of AWS, Azure and GCP technologies and architecture. Experience implementing security both on premise and in AWS, Azure and GCP.

Inside-out knowledge of Microsoft security technologies, platforms and patterns.

Experience with security practices such as security incident response and risk management.

Experience in the design, development, implementation and operational support of critical solutions in large scale environments and organizations.

Knowledge and understanding of relevant legal and regulatory requirements related to GDPR, ISO, SOC and CCPA.

A passion for cyber security.

Excellent verbal and written communication skills with a wide variety of audiences including technologists, executives, business partners and IT team members.