Senior Director, Information Security and Compliance
Company: Disability Solutions
Location: Hoboken
Posted on: November 3, 2024
Job Description:
Location: Hoboken, NJOur mission is to unlock human potential.
We welcome you for who you are, the background you bring, and we
embrace individuals who get excited about learning. Bring your
experiences, your perspectives, and your passion; it's in our
differences that we empower the way the world learns. The Senior
Director of Information Security and Compliance develops and
implements comprehensive strategies, policies, and procedures to
identify and mitigate risks, ensure compliance with industry
regulations, and responds effectively to security incidents. This
role manages a global team accountable for safeguarding the
confidentiality, integrity and availability of Wiley's intellectual
property and technology products. This includes the management and
oversight of the following functional areas: Security
Architecture/Strategy, Security Operation Center, Security
Engineering, IAM, Application Security, Governance, Risk,
Compliance and the eCommerce/Fraud teams. How you will make an
impact:
- Function as the IT liaison with senior leaders and
Internal/External auditors and consultants on Information Security
and regulatory compliance engagements.
- Identify, prioritize and implement security strategy,
initiatives, establish security goals, and create a roadmap for
their implementation that is aligned with Wiley's objectives.
- Determine, develop, maintain, and publish corporate-level
information security policies, standards, procedures, and
guidelines, including incident response and compliance reporting
procedures.
- Manage a cost-efficient and high performing information
security organization, consisting of direct reports and dotted line
reports. This includes hiring (and conducting background checks),
training, staff development, performance management and annual
performance reviews.
- Manage the design, implementation, and maintenance of WILEY's
Information Technology Compliance Programs (SOX, PCI, eCommerce and
Fraud Analytics).
- Identify, assess and report on risks, practice and projects to
stakeholders across the organization.
- Lead regular risk assessments to identify and evaluate
potential security threats and vulnerabilities.
- Identify vulnerabilities and security weaknesses across the
enterprise and drive the resolution and mitigation of found
errors/incidents enterprise wide.
- Work cross functionally with other department to implement
architectures for systems, networks, and applications. Assist peer
managers in understanding security and control deficiencies and
responding to internal and external audit reports.
- Develop and maintain appropriate security access control for
WILEY's information systems, including cloud and on-premise
solutions such as WILEY's global environment, i.e., SAP, Workday,
and other modules as implemented.
- Create and manage a targeted information security awareness
training program for all employees, contractors and approved system
users, and establish metrics to measure the effectiveness of this
security training program for the different audiences.
- Develop our Security Incident Response Plan and lead security
incident remediation with related cross functional teams. Supervise
all investigations relating to security threats, legal discovery,
and violation of WILEY security policies and provide on-going
communication with senior management.
- Work with product teams to incorporate security and privacy by
design into our products/services
- Engage in tabletop scenarios, penetration studies, threat
analysis, vulnerability assessments, and security audit activities
to ensure IT controls and security are effective.
- Build and report information security metrics that enable
executive leadership to effectively assess performance of security
program, controls, risk management, risk mitigation and justify
technology investments
- Establish and maintain third-party vendor risk assessment
program, including attestations such as SOC Reports, SIG/SIG Lites,
HECVAT and similar questionnaires and assessment documentation.
Conduct security reviews of potential third-party providers /
acquisition targets.
- Accountable for monitoring emerging threats and security
practices and recommending changes to security / compliance
programs as needed. Maintains strong relationships with industry
peers, partners, vendors, external agencies, and regulatory
bodies.
- Provides exceptional customer service experience to internal
business partners. What we look for:
- Expert knowledge of Cyber/Information Security and compliance.
Specifically in the areas of security architectures and associated
technologies, security operation centers, security engineering,
identity governance and administration/identity and access
management (IGA/IAM), privilege access management (PAM),
application security, governance, risk, compliance (GRC) and
eCommerce fraud prevention.
- Working knowledge of cybersecurity technologies covering a
global digital ecosystem.
- Direct global leadership experience (ideally in a matrix
environment), as well as managing external resources.
- Bachelor degree strongly preferred in Information Security or
equivalent. Master degree desirable.
- Has had the opportunity to implement information security
strategies, policies, and procedures, ideally in a larger
organization / enterprise wide.
- Identifies and measures global information security (GIS)
controls on critical business processes or channels
- Previous senior leadership exposure / comfortable engaging with
senior level stakeholders
- Strategic prowess and ability to see the big picture
organizationally; ability to adapt accordingly
- Strong relationship development skills
- Self-motivated, ability to work collaboratively across the
organization and various domains
- Solid analytical skills with the ability to solve problems and
develop creative solutions
- Strong organization, problem solving, and presentation
skills
- Excellent communication and interpersonal skills
- Strong leadership, team management, and negotiation skills
About Wiley: Enabling Discovery, Powering Education, Shaping
Workforces. We clear the way for seekers of knowledge: illuminating
the path forward for research and education, tearing down barriers
to society's advancement, and giving seekers the help they need to
turn their steps into strides. Wiley may have been founded over two
centuries ago, but our secret to success remains the same: our
people. We are willing to challenge the status quo, move the
needle, and be innovative. Wiley's headquarters are in Hoboken, New
Jersey, with operations across the globe in more than 40 countries.
Wiley is an equal opportunity/affirmative action employer. We
evaluate all qualified applicants and treat all qualified
applicants and employees without regard to race, color, religion,
sex, sexual orientation, gender identity or expression, national
origin, disability, protected veteran status, genetic information,
or based on any individual's status in any group or class protected
by applicable federal, state or local laws. Wiley is also committed
to providing reasonable accommodation to applicants and employees
with disabilities. Applicants who require accommodation to
participate in the job application process may contact
tasupport@wiley.com for assistance. We are proud that our workplace
promotes continual learning and internal mobility. Our values
support courageous teammates, needle movers and learning champions
all while striving to support the health and well-being of all
employees, for example we offer meeting-free Friday afternoons
allowing more time for heads down work and professional
development. We are committed to fair, transparent pay, and we
strive to provide competitive compensation in addition to a
comprehensive benefits package. This range represents Wiley's good
faith and reasonable estimate of the base pay for this role at the
time of posting. It is anticipated that most qualified candidates
will fall within the range, however the ultimate salary offered for
this role may be higher or lower and will be set based on a variety
of non-discriminatory factors, including but not limited to,
geographic location, skills, and competencies
#LI-JG1Location/Division: Hoboken, NJ, USAJob Requisition:
R2401822Remote Location: No Time Type: Full Time Target Base Pay
Range: $182,000 - $240,000
Keywords: Disability Solutions, Levittown , Senior Director, Information Security and Compliance, Executive , Hoboken, New York
Didn't find what you're looking for? Search again!
Loading more jobs...