Director of Information Security
As the Director of Information Security, you will report to the Chief Technology Officer and will lead the application security work alongside the Lead Enterprise Architect, Director of Infrastructure and Director of Applications as well as project teams as they develop and execute plans to create, manage and optimize the technology for the new banking services platform. This is a key role that will own the creation and execution of an Information Security program that will encompass security awareness, cyber threat preparedness and response, physical security, red team testing, threat hunting and elimination of cyber risk.
DUTIES AND RESPONSIBILITIES
• Provide proactive security services to include 24x7x365 monitoring and response of the technology environment to detect, analyze, track and mitigate all threats that could impact the organization
• Set strategic roadmap and tactical goals driving the evolution of the Incident Response, Security Monitoring, Threat Intelligence, and Hunting functions
• Manage and provide technical leadership for all information security incidents to include stakeholder engagement with the Karrikin Cyber Incident Management Team.
• Oversee and lead the incident response process to include documentation of findings and recommendations
• Develop mitigation/response strategies and guide the acquisition and development of countermeasures to keep the business safe
• Liaise with external partners, law enforcement, advisory bodies and industry and peer working groups as necessary, to ensure that the organization maintains a strong security posture
• Support Cyber Preparedness in the development of Tabletop Exercises and share the latest attacker techniques
• Manage requests from governing bodies, internal and external auditors
• Develop content to improve the quality of messaging by simplifying the language of technology for the organization's cyber security programs.
• Build and report the cyber security metrics that enable executive leadership to effectively assess performance of the security program, controls, risk management, and risk mitigation, and to justify investments.
The successful applicant will have the following experience and skills:
• Bachelor's degree in computer science or engineering or equivalent experience
• 10 years of relevant experience, with at least 5 years leading the security architecture decisions in a complex, regulated and/or technical setting
• Security certification preferred such as CISSP, CompTIA Security, CEH
• Substantial people-centered leadership experience in a high growth company
• Cloud-based security knowledge, thought-leadership & delivery experience
• Strong written and verbal communication skills, excellent technical communication with peers and non-technical cohorts
• Experience with software security and toolsets to manage OWASP vulnerabilities
• Experience with audits such as PCI-DSS, SOC1, SOC2, FFIEC, SOX, ISO27001
• Up to 10% travel per year
Reports to: Chief Technology Officer
Direct Reports: Security Engineer, Security Manager, GRC
Team: IT Security
Karrikin is a leading-edge technology organization that provides software and services to its holding company, Verdigris Holdings Inc., as well as other financial institutions.
The Karrikin Mission is to engineer and support best in class, inexpensive automated solutions that minimize risk and exponentially enable financial institutions to better serve underbanked or unbanked customers so that one day all people will have access to financial services.
OFFICE LOCATION: SCOTTSDALE, AZ