Director of Information Security
About the role -
As the Director of Information Security, you will report to the Chief Information & Security Officer and will lead the application security work alongside the Lead Enterprise Architect, Director of Infrastructure and Director of Applications as well as project teams as they develop and execute plans to create, manage and optimize the technology for the new banking services platform. This is a key role that will own the creation and execution of an Information Security program that will encompass security awareness, cyber threat preparedness and response, physical security, red team testing, threat hunting and elimination of cyber risk.
· Provide proactive security services to include 24x7x365 monitoring and response of the technology environment to detect, analyze, track and mitigate all threats that could impact the organization
· Set strategic roadmap and tactical goals driving the evolution of the Incident Response, Security Monitoring, Threat Intelligence, and Hunting functions
· Manage and provide technical leadership for all information security incidents to include stakeholder engagement with the Karrikin Cyber Incident Management Team.
· Oversee and the lead the incident response process to include documentation of findings and recommendations
· Develop mitigation/response strategies and guide the acquisition and development of countermeasures to keep the business safe
· Liaise with external partners, law enforcement, advisory bodies and industry and peer working groups as necessary, to ensure that the organization maintains a strong security posture
· Support Cyber Preparedness in the development of Tabletop Exercises and share the latest attacker techniques
· Manage requests from governing bodies, internal and external auditors
· Develop content to improve the quality of message by simplifying the language of technology for the organizations cyber security programs.
The successful applicant will have the following experience and skills:
· Bachelor's degree in computer science or engineering or equivalent experience
· 10 years of relevant experience, with at least 5 years leading the security architecture decisions in a complex, regulated and/or technical setting
· Security certification preferred such as CISSP, CompTIA Security, CEH
· Substantial people-centered leadership experience in a high growth company
· Cloud-based security knowledge, thought-leadership & delivery experience
· Strong written and verbal communication skills, excellent technical communication with peers and non-technical cohorts
· Experience with software security and toolsets to manage OWASP vulnerabilities
· Experience with audits such as PCI-DSS, SOC1, SOC2, FISMA, SOX, ISO27001
· Up to 10% travel per year
Reporting Structure -
Reports to: Chief Information and Security Officer
Direct Reports: Security Engineer, Security Manager, GRC
Team: IT Security
Compensation and benefits
Competitive compensation based on experience
Medical, Dental, Life, LTD, Paid Vacation
Bonus eligible role
About the company -
Karrikin is a start-up technology organization that provides technology solutions to its holding company; Verdigris Holdings Inc., who is seeking to make banking services more accessible through a technology-enabled, community-first approach.
The Karrikin Mission is to engineer and support best in class, inexpensive automated solutions that minimize risk and exponentially enable financial institutions to better serve underbanked or unbanked customers so that one day all people will have access to financial services.
Interested? Send your resume to HR@Verdigriscapital.com