Contractual Game Simulation Programming Jobs in Phoenix, AZ

Job Summary:
DBM Global Inc. is seeking a Director of Information Security & Compliance to establish and maintain the information security program. The role involves managing cybersecurity risks, ensuring compliance with regulations, and leading the organization's cybersecurity strategy and incident response processes.
Responsibilities:
• Provide regular reporting on the status of the information security program, cybersecurity risk posture, and emerging threat landscape to enterprise risk teams and senior business leaders as part of a strategic enterprise risk management program.
• Develop, maintain, and continuously improve the enterprise cybersecurity strategy, including policies, standards, and procedures aligned with industry frameworks (e.g., NIST, ISO, CIS).
• Lead the organization’s cybersecurity risk management program, including the identification, assessment, prioritization, and remediation of security risks across systems, applications, infrastructure, and third-party environments.
• Oversee security monitoring, vulnerability management, and threat detection activities, ensuring timely identification and remediation of vulnerabilities and potential security incidents.
• Establish and maintain incident response and cyber event management processes, including preparation, detection, containment, eradication, and recovery from cybersecurity incidents.
• Maintain and mature the organization’s security architecture and security control framework, ensuring security is integrated into infrastructure, cloud platforms, applications, and DevOps processes.
• Work with vendors and third parties to ensure that information security and cybersecurity requirements are embedded in contracts, services, and vendor risk assessments.
• Create and manage a targeted security awareness and cybersecurity training program for employees, contractors, and approved system users, and establish metrics to measure the effectiveness of security education.
• Maintain an Enterprise Risk Register that drives the cybersecurity investment strategy, risk mitigation initiatives, and long-term security roadmap.
• Provide clear risk-mitigating directives for IT projects and initiatives, ensuring secure design principles and mandatory security controls are implemented across technology solutions.
• Collaborate with Infrastructure, DevOps, and application teams to ensure secure system configuration, patch management, identity and access controls, and data protection practices are implemented and maintained.
• Work with internal and external audit firms to ensure compliance with Sarbanes Oxley (SOX) and other regulatory or contractual obligations. Ensure IT General Controls (ITGCs) are effective, documented, and operate successfully.
• Oversee business continuity and disaster recovery cybersecurity considerations.
• Lead tabletop exercises and incident simulations to validate response readiness.
• Coordinate with legal, risk, and communications teams during significant cyber events.
Qualifications:
Required:
• 5-10 Years’ experience
• BS in Computer Science or related field, or equivalent experience
• CISSP certification is required for this role; if you do not currently have this certification, you’ll have 12 months to obtain it.
• Provide regular reporting on the status of the information security program, cybersecurity risk posture, and emerging threat landscape to enterprise risk teams and senior business leaders as part of a strategic enterprise risk management program.
• Develop, maintain, and continuously improve the enterprise cybersecurity strategy, including policies, standards, and procedures aligned with industry frameworks (e.g., NIST, ISO, CIS).
• Lead the organization’s cybersecurity risk management program, including the identification, assessment, prioritization, and remediation of security risks across systems, applications, infrastructure, and third-party environments.
• Oversee security monitoring, vulnerability management, and threat detection activities, ensuring timely identification and remediation of vulnerabilities and potential security incidents.
• Establish and maintain incident response and cyber event management processes, including preparation, detection, containment, eradication, and recovery from cybersecurity incidents.
• Maintain and mature the organization’s security architecture and security control framework, ensuring security is integrated into infrastructure, cloud platforms, applications, and DevOps processes.
• Work with vendors and third parties to ensure that information security and cybersecurity requirements are embedded in contracts, services, and vendor risk assessments.
• Create and manage a targeted security awareness and cybersecurity training program for employees, contractors, and approved system users, and establish metrics to measure the effectiveness of security education.
• Maintain an Enterprise Risk Register that drives the cybersecurity investment strategy, risk mitigation initiatives, and long-term security roadmap.
• Provide clear risk-mitigating directives for IT projects and initiatives, ensuring secure design principles and mandatory security controls are implemented across technology solutions.
• Collaborate with Infrastructure, DevOps, and application teams to ensure secure system configuration, patch management, identity and access controls, and data protection practices are implemented and maintained.
• Work with internal and external audit firms to ensure compliance with Sarbanes Oxley (SOX) and other regulatory or contractual obligations. Ensure IT General Controls (ITGCs) are effective, documented, and operate successfully.
• Oversee business continuity and disaster recovery cybersecurity considerations.
• Lead tabletop exercises and incident simulations to validate response readiness.
• Coordinate with legal, risk, and communications teams during significant cyber events.
Preferred:
• Experience with Evotec and/or oversight Systems is highly preferred.
Company:
Majority-owned by INNOVATE Corp. Founded in 1984, the company is headquartered in Phoenix, USA, with a team of 1001-5000 employees. The company is currently Late Stage.