IpsoJobs

Worldwide Jobs

Vice President / Chief Information Security Officer - 68516

Computers/InternetPosted 41 days 3 hours 7 minutes ago. Viewed: 67 times.

Description

Summary of Responsibilities:

• Threat Assessment and Scenario Planning – Determining security vulnerabilities and risks associated with Intuit’s operation
• Security Strategy – Risk mitigation through the right balance of security measures and operational flexibility
• Standards and Guidelines – People, process and technology that enables our strategy
• Security Implementation – Ensuring that the right security capabilities are built into offerings and enterprise processes and technology
• Day to Day Security Operations – Ensure operational procedures enforcing security and assessing and testing for vulnerabilities
• Incident Response – Respond to and resolve security exposures and incidents
• Integrity of Critical Business Operations – Participate in the formation and execution of business continuity planning, and drive disaster recovery planning and execution across multiple business and geographic sites
• Security Compliance and Audits - Certification and accreditation – internal and external assessment of security, disaster recovery and compliance.
• Employee Education and Training – Provide security awareness training, information and Education

Key Responsibilities:

• Use a consultative approach to provide risk based security and process leadership to the company to drive competitive advantage.
• Be viewed as the security expert across the organization and with external stakeholders
• Develop a strategic plan for corporate wide information security and privacy. Identify initiatives, develop budgets and implement the initiatives based on the strategic plan
• Build a strong team with the right leadership & technical skills to deliver on the strategy. Continue the development of the team as an Intuit asset.
• Build a strong security community across the company’s functional, business, and technology organizations.
• Manage the development, implementation, and administration of Intuit information security policies, standards, and guidelines.
• Provide advice and consulting to senior management and the organization in the development, implementation, and administration of information security and privacy policies and procedures, the information security infrastructure and on security and privacy related issues. Manage risk through shared vision with the business leaders.
• Conduct and lead comprehensive assessments of Intuit information security and privacy policies and procedures against applicable regulations, laws, policies and standards. Assessments should include GAP analysis, recommendations and prioritize enhancements to the security and privacy infrastructure to remove or mitigate risk.
• Establish and direct a program for the identification, reporting, and remediation of information security concerns throughout the organization.
• Investigate any actual or potential information security violations. Manage escalation of security events. Assist with disciplinary and legal matters associated with such violations as necessary. Document and make recommendations to correct or prevent future violations.
• Revise and maintain a library of information security and privacy policies, standards and guidelines covering all areas within Intuit
• Coordinate the development and delivery of education and training program(s) on information security and privacy matters for Intuit employees, consultants, contractors, alliances, business associates, and other appropriate third parties.
• Conduct and lead security reviews and assist in audits as requested by executive management.
• Further develop the Disaster Recovery/Business Continuity strategy and lead the efforts through each business unit and across the enterprise to ensure we have a well integrated strategy and plan/
• Oversee the evaluation and selection of information security tools and direct implementation of tools.
• Actively monitor new and emerging security and privacy related technologies, trends, issues, and solutions and assess their applicability to Intuit key business initiatives and business strategies.
• Participate in the development, implementation and ongoing compliance monitoring of information privacy requirements and responsibilities in vendor contracts and agreements.
Qualifications: • Bachelor’s degree in Computer Science, Information Technology, Business Administration or related field. Advanced degree highly preferred.

• Ten + years significant hands on experience with security in companies with significant on line business,multiple business units, many products, billions in annual revenue, and thousands of employees.

• Proven, solid management experience and track record building strong teams and developing leadership excellence at all levels.

• Ten years of overall program management experience to include five years of experience as an executive, leading very large mission critical programs that involve significant business and technology change.

• Ten years experience leading and influencing teams in a matrix management environment. Ability to be an effective leader in a fast paced pressure environment and an ability to be highly adaptive

Effective in building company-wide relationships with senior technical, functional and business leaders to set longer term strategies and to assess and act on short term objectives and needs.
• Well developed change management skills. Effective in working across organizational boundaries to build a case for changes, and to execute on the change plan – from strategy through to ongoing operation and process improvement

• Experienced in and able to formulate the cost benefit of security initiatives in the context of overall business risk mitigation and the company’s operational objectives. Ability to compare, contrast and prioritize among alternative approaches to meet those objectives.

• Effective oral, written and interpersonal communication skills. Strong listening and presentation skills necessary to communicate, understand and persuade, a wide range of audiences.

• Understanding of security and privacy regulations such as Health Insurance Portability and Accountability Act (HIPAA), Sarbanes-Oxley Act, Federal Information Security Management Act (FISMA) and the Gramm-Leach Bliley Act (GLBA) is desirable.
• Understanding of security standards such as ISO 17799, Control Objectives for Information and related Technology (COBIT), and National Institute of Standards and Technology (NIST) is desirable.
• Knowledge on applicable federal and state laws, regulations, and industry standards on information privacy and public disclosure including those defined by the Centers for Medicare & Medicaid Services (CMS) is desirable.
• Ability to conduct assessments of vulnerabilities, risks and threats in both physical and technical domains.
• Experience in conducting security investigations, either physical or technical.
• Knowledge of security enhancing tools and solutions such as Intrusion Detection Systems (IDS), Data encryption (SHA-1, PKI, SSL, DES, IKE, etc.), Virus Protection, System Monitoring & Detection Tools (Tripwire), etc.
• Demonstrated experience in information security audit, risk management and policy compliance.
• Demonstrated experience in information privacy assessments and policy compliance.
• Demonstrated experience in managing incident response and security operations.
• Demonstrated experience dealing with the security challenges and issues confronting a large, geographically distributed, departmentally diverse, publicly-facing organization.
• BS in Computer Science, Business Information Systems or related degree
• Prefer an MBA or Master’s in Computer Science
• CISSP (Certified Information Systems Security Professional) or other security certification/accreditation desirable.


Industry: Software
Discipline: IT Mngmnt and Project Mngmnt
Experience: 11 - 15 Years
Compensation: $100K+
Company: Intuit

Contact information

Apply Online at TheLadders.com