Overview

The Director of Information Security oversees the enterprise's security and is responsible for defining an information security program and roadmap that optimizes key controls to identify, prevent, detect, escalate, respond to, and recover from information security related risks and incidents. The role will ensure that KM systems comply with all legal, regulatory, and industry requirements (e.g., J-SOX, ISO 27001, NIST, FedRAMP), corporate policies, standards, and procedures. This position requires a strategic view with tactical execution and partnering across the organization to provide the highest levels of information security with equal focus on people, processes and technology.

Responsibilities

Lead and motivate a team of direct reports along with a cross-functional team to design, implement, and assess controls that are designed to protect KM's information and supporting technology platforms. The position is responsible for serving as the Security subject matter expert supporting processes, continuous improvement, corrective and preventive actions and driving automation of controls. This function includes, but is not limited to, independently performing complex and often unique work assignments and problem resolution within enterprise projects and functions.

• Own Enterprise Information Security Program to drive risk mitigation, meet compliance requirements, and oversee operational controls
• Develop and execute on tactical and strategic goals to ensure a comprehensive information security program and roadmap. Establish annual security and compliance goals and ensure they are met
• Implement standards, governance and security policies that reduce vulnerability
• Ensure effective identity and access management (IAM) controls are deployed and used
• Communicate information security policies, standards and guidelines across the company
• Provide current status reporting of the information security program to the Executive Team
• Respond to client and prospect due diligence/bid questionnaires and interviews.
• Manage the people, processes and technologies that provide situational security awareness through the detection, containment, and remediation of IT threats
• Assure ongoing penetration, vulnerability, disaster recovery, and data breach tests occur.
• Collaborate with all areas of IT and business-led IT to mitigate vulnerabilities and implement security measures
• Lead compliance efforts such as ISO 27000, SOC 2, PCI, FedRAMP and others
• Integrate security into the development lifecycle for new solutions
• Oversee the Information Security Committee
• Apply risk management methods to information technology in order to manage IT risk
• Protect integrity, availability, authenticity, non-repudiation and confidentiality of data
• Work with internal auditors and outside advisors on required security assessments
• Support and guide disaster recovery planning and testing
• Lead security incident management including planning, testing, and remediation activities. Provide immediate response and action plans in the event of a data security threat or issue. Act as primary control point during significant information security incidents
• Promote a data privacy culture by advocating best practices, advising associates on how to deliver compliance, and informing key stakeholders on their obligation to adhere to those laws when dealing with personal data

Qualifications

• A Bachelor’s Degree in a technical field (engineering, computer science, mathematics, statistics, management information systems, operations research, etc.) is required.
• M.S. or M.B.A. is strongly preferred.
• Certified Information Systems Security Professional (CISSP) - Strongly Desired
• Experience working in a co-operation information security program.
• Good public speaking and presentation skills and excellent written and verbal communication skills.
• Interpersonal skills and ability to interact and work with staff at all levels.
• Ability to work independently and in a team environment.
• Ability to pay attention to details and be organized.
• Ability to project professionalism and to handle multiple tasks in a fast-paced environment.
• Commitment to “internal client” and customer service principles
• Depth in modern technology stacks, specifically infrastructure, software engineering, data and analytics, and cloud – both public and “hybrid” models.
• Has 10+ years of experience leading information security in a complex enterprise and possesses a strong understanding of data privacy and protection.
• Demonstrated track record of information security transformation - A thought leader in the delivery of innovative cyber and risk management solutions through security rigor.
• Understands the balance and nuances required to modernize information security capabilities in a hybrid technology environment with both legacy and modern technology practices and resources

About Us

Konica Minolta’s journey started 150 years ago, with a vision to see and do things differently. We innovate for the good of society and the world. The same purpose that kept us moving then keeps us moving now. Konica Minolta Business Solutions U.S.A., Inc. is reshaping and revolutionizing the workplace to achieve true connectivity through the Intelligent Connected Workplace. The company guides and supports its clients’ digital transformation through its expansive office technology portfolio, including IT Services (All Covered), intelligent information management, managed print services and industrial and commercial print solutions. Konica Minolta has been included on CRN’s MSP 500 list nine times and The World Technology Awards named the company a finalist in the IT Software category. Konica Minolta has been recognized as the #1 Brand for Customer Loyalty in the MFP Office Copier Market by Brand Keys for sixteen consecutive years, and is proud to be ranked on the Forbes 2021 America’s Best-in-State employers list. The company received Keypoint Intelligence’s BLI 2021 A3 Line of The Year Award and BLI 2021-2023 Most Color Consistent A3 Brand Award for its bizhub i-Series. Konica Minolta, Inc. has been named to the Dow Jones Sustainability World Index for nine consecutive years and has spent six years on the Global 100 Most Sustainable Corporations in the World list. Konica Minolta partners with its clients to give shape to ideas and works to bring value to our society. For more information, please visit us online and follow Konica Minolta on Facebook, YouTube, LinkedIn and Twitter.

EOE Statement

Konica Minolta is an equal opportunity and affirmative action employer. We consider all qualified applicants for employment without regard to race, color, religion, creed, national origin, sex, pregnancy, age, sexual orientation, transgender status, gender identity, disability, alienage or citizenship status, marital status or partnership status, genetic information, veteran status or any other characteristic protected under applicable law.