Director It Security Jobs (NOW HIRING)

Position Title: Associate Director, IT Security and Applications

Reports To: Senior Director, IT

Employment Type: Full-Time

Location: Remote – preferred location South Florida

DESCRIPTION:

The Parkinson’s Foundation (PF) makes life better for people with Parkinson’s disease by improving care and advancing research toward a cure. In everything we do, we build on the energy, experience, and passion of our global Parkinson's community.

PRIMARY ROLE: The Associate Director, IT Security and Applications, plays a critical role in overseeing the Foundation's IT applications and ensuring the security of its digital infrastructure. This position is responsible for managing software applications, implementing cybersecurity measures, and ensuring compliance with relevant standards and regulations. The ideal candidate combines expertise in application management and cybersecurity to safeguard the organization from cyber threats while maintaining optimal application performance.

RESPONSIBILITIES: Responsibilities include, but are not limited to the following:

Application Management:

Administration and Maintenance

• Oversee the lifecycle management of software applications, including planning, implementation, updates, and decommissioning.
• Ensure applications are running efficiently, securely, and are accessible to authorized users.
• Manage integration between enterprise applications to optimize security and performance

Vendor and Stakeholder Collaboration

• Liaise with vendors to ensure timely software updates, patches, and security fixes.
• Work closely with internal stakeholders to align applications with business needs while ensuring security best practices. Evaluate third-party software for security risks before deployment.

Performance Monitoring

• Monitor application performance metrics and troubleshoot issues as they arise.
• Conduct regular security audits and vulnerability assessments to identify risks within enterprise applications. Implement automated monitoring tools for anomaly detection and threat mitigation.

Cybersecurity Management:

Security Policy Development and Compliance

• Develop and enforce cybersecurity policies, procedures, and best practices in alignment with industry standards such as NIST, CIS, ISO 27001, and SOC 2.
• Ensure compliance with regulatory requirements such as GDPR, CCPA, or HIPAA, as applicable.
• Regularly review and update security policies based on emerging threats and compliance changes.

Threat Detection, Response, and Incident Handling

• Implement threat intelligence programs to proactively detect, analyze, and mitigate cyber threats.
• Lead incident response and forensic investigations in the event of cyberattacks, breaches, or unauthorized access.
• Develop and maintain a business continuity and disaster recovery (BC/DR) strategy for cybersecurity incidents.
• Continuously monitor the organization's IT environment for vulnerabilities, breaches, and unusual activities.
• Coordinate with external cybersecurity partners and threat intelligence feeds to stay ahead of new attack vectors.
• Respond promptly to cybersecurity incidents, performing root cause analysis and implementing remediation strategies.

Risk Assessment and Mitigation

• Coordinate regular security risk assessments, penetration testing, and vulnerability scanning on applications and IT infrastructure.
• Deploy endpoint security solutions, SIEM systems, intrusion detection/prevention systems (IDS/IPS), and firewalls to protect enterprise assets.
• Enforce secure authentication mechanisms, such as multi-factor authentication (MFA) and single sign-on (SSO).
• Lead incident response and forensic investigations in the event of cyberattacks, breaches, or unauthorized access.
• Develop and maintain a business continuity and disaster recovery (BC/DR) strategy for cybersecurity incidents.

Security Awareness and Training

• Develop and deliver cybersecurity training programs for employees to reduce human error and social engineering risks.
• Coordinate with external cybersecurity partners and threat intelligence feeds to stay ahead of new attack vectors.
• Conduct phishing simulations and security workshops.
• Foster a culture of security awareness across the organization.

Leadership and Team Management

Strategic Planning

• Contribute to the development of IT and security strategies that align with organizational goals.

Incident Management

• Serve as the primary escalation point for critical application and security incidents.
• Coordinate cross-departmental responses to ensure minimal disruption to business operations.
• Conduct post-incident reviews (PIRs) to implement lessons learned and improve future security posture.

Key Competencies

• Technical Expertise: In-depth understanding of cybersecurity trends and application management.
• Leadership: Ability to lead a team and influence stakeholders effectively.
• Analytical Thinking: Skill in identifying risks, resolving issues, and optimizing processes.
• Adaptability: Willingness to stay current with evolving technologies and security threats.
• Demonstrates the organizational values of excellence, teamwork, collaboration, integrity, positivity, dedication and responsiveness.

EXPERIENCE/SKILLS/SKILLS REQUIRED

• Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related field.
• Relevant certifications such as CISSP, CISM, CEH, CISA, or CompTIA Security+.
• 5-7 years of experience in application management, IT security, or cybersecurity operations.
• Proven track record in managing enterprise applications and implementing cybersecurity frameworks.
• Several years of experience administering cloud-based environments with Microsoft 365, Azure, Intune, Defender.
• Familiarity with enterprise applications such as Blackpoint Cyber, DATTO RMM.
• Strong knowledge of cybersecurity best practices, tools, and frameworks.
• Proficiency in IT service management tools and security monitoring platforms.
• Excellent problem-solving, project management, and communication skills.

COMPENSATION:

Salary for this position is competitive and depends on prior experience. In addition, a comprehensive benefits package is included. The salary range for this position is $75,000 to $85,000.

The Parkinson’s Foundation is an equal opportunity employer. We are committed to diversity, equity, and inclusion in our culture and in our work on behalf of people with Parkinson's disease.