Corporate and Role Context:
Collabera is a total talent solutions company, providing software engineering technology and talent solutions for the world’s most tech-forward organizations in the areas of engineering, Cloud and Data/ AI. With its roots serving the product engineering needs of some of the world’s most recognized businesses in technology, financial services, telecom, and healthcare, Collabera today operates across 60 locations in 11 countries, serves 30% of the Fortune 500, and has exceeded the industry growth rate by 3-4x for several years, with revenues now approaching $1b annually.
The Purpose, Role Definition, and Requirements: The WHY and WHAT for a Director – Information Security role
As Collabera readies itself for the next wave of growth driven by its opportunity in assembling total talent solutions for the digital world, the journey involves not just the evolution of our market facing solutions and offerings but also the evolution of our own talent in a digital and post-digital world. The journey also requires the execution and alignment of our Culture Operating System driven and defined by our core values that have stood the test of time. In this line, the CEO and the leadership team seeks a tech forward executive business partner in total talent transformation – Director - Information Security that would, in addition to serving the defined role of a Director - Information Security, also be a business advisor/ contributor for many of Collabera’s talent businesses.
The primary responsibility as the Director - Information Security is to understand the security operations and challenges in the current and future state of your business’s operations. Help you prepare Collabera employees with the right tools, skills, resources, relationships, and capabilities to protect against information security risks.
The Director - Information Security will work within the C-suite of executives, and must understand other business disciplines such as finance, HR, and compliance. They’ll need an in-depth knowledge of their organization’s operations and functions to make effective business decisions.
- Security operations—evaluating the IT threat landscape, devising cyber security policy and controls to reduce risk, leading auditing and compliance initiatives, and more.
- Disaster recovery—developing cyber resiliency so your organization can rapidly recover from hacking, security incidents, or infringements.
- Security finance management—determining if your data security initiatives are worth the financial investments.
- Documentation—contributing to a variety of security policy domains associated with compliance, governance, risk management, incident management, HR management, and additional domains.
- Compliance—ensuring that your organization is adaptable to evolving compliance regulations.
- Program onboarding—weighing business opportunities against security risks that can potentially compromise your organization’s long-term financial rewards.
- HR management—establishing a system that reduces human error and its impact on your organization’s security posture.
- To become a Director - Information Security, you’ll need to demonstrate your technical chops in the trenches, become the security de facto leader for your organization, and work your way up to claim the role of its official cybersecurity executive. This is why Director’s - Information Security are often more involved with the business in which they work than in the technology their teams use. Cybersecurity is also gaining more visibility in the boardroom, so to succeed in this role, you’ll need excellent leadership and management skills.
Other skills that you should master include:
- Financial fluency. You need to not only understand but also lead discussions on the financial topics relevant to your business. This will enable other leaders to take intelligent financial risks (pertaining to information security gains) and will help you contribute directly to the financial discussions about those risks.
- Communications. You must be able to communicate effectively with a variety of different people—crossing the divide between technical and business audiences. This means not only delivering presentations well but also communicating effectively in interpersonal situations.
- Empathy. You’ll need this critical skill to successfully connect with your organization’s business leaders, customers, and employees so you can determine the right level of risk tolerance for your IT security initiatives. Without empathy, cybersecurity becomes nearly impossible to do well.
- Ambition. You’ll need a strong desire to become an executive. The Director - Information Security job isn’t for everyone. It comes with great responsibility, risk, and reward. And you’ll have to take many risks in your career to get there, such as taking jobs with smaller or struggling organizations to get a seat at the executive table.
- 10+ years of work experience with a bachelor’s/Master’s degree
- Systems Security Certified Practitioner (SSCP)
- GRC: Governance Risk Compliances
- Certified Encryption Specialist
- Cybersecurity Analyst Certification
- Network Vulnerability Assessment
- Network Security Professional
- Security Analytics Professional
- IT Operations Specialist
- Secure Infrastructure Specialist
- ITIL® Foundation
- CISSP certification
Information Security, SSCP, CISSP, GRC (Governance Risk Compliances), Information Technology, Security operations, Disaster recovery