Director, IT Security
Denver, CO, United States
About our Company:
Based in Denver, Colorado, Cologix is North America's leading network-neutral interconnection and hyperscale edge data center company. Our platform gives customers access to 40+ digital edge and ScalelogixSM hyperscale edge data centers in 11 markets across the United States and Canada along with a carrier-dense ecosystem of 700+ networks, 360+ cloud providers, 30+ onramps and six Internet exchanges. We provide our nearly 2,000 customers with direct access to our local operations teams, resulting in strong partnerships enabled by exceptional operational support and unparalleled customer service. Backed by one of the largest North American infrastructure funds, Cologix's experienced leadership team, certified staff and commitment to ESG initiatives help form a culture that values our people, our environment and our clients.
About the Position:
Cologix is hiring for a Director IT Security who will be responsible for designing, implementing, and continually improving the security solutions identified in the organization's security program to ensure that all information assets and associated technology, applications, systems, infrastructure, and processes are adequately protected.
You will be responsible for day-to-day security operations including supporting and maintaining a wide range of information security products that monitor and provide compliance across the digital assets owned, controlled and/or processed by the organization.
The Director IT Security must be knowledgeable with the operation, maintenance and functionality of firewalls and endpoint security systems. The ideal candidate is dedicated and passionate about cyber security technologies and is constantly learning and evolving to have awareness of current hacking techniques and cybercrime and keeps pace with the industry's latest trends to address these threats.
What you do daily:
Be the focal point for security incident response planning, execution, and awareness. Respond to and troubleshoot security incidents, and provide on-call support
Responsible for providing strategic direction and compliance of Customer Identity and Authentication
Leads, develops, and maintains technology policies, processes, procedures, and key metrics related to all internal and cloud systems
Leads a high performing team of security professionals, including building individual development plans and performance reviews.
Manages professional relations with employees, vendors, and clients in respect to information security circumstances
Understands SRE and Security principles to ensure the best availability and safety of our customers
Deep understanding of identity systems, security threats, code validation tools, cryptographic algorithms
Identifies and ensures implementation of best practices, policies, standards, baselines, guidelines, and procedures
Responsible for the identification, investigation, and resolution of security incidents
Participates in the planning, design, and testing of enterprise security architecture, as well as disaster recovery & business continuity
Updates and enhances security policies and procedures
Recommends additional security solutions or enhancements to existing security solutions to improve overall enterprise security posture
Participates in the design and execution of vulnerability assessments, penetration tests and security audits
Develops and implements security strategy for the organization. Advises executive leadership on the security vision that is aligned to organizational priorities and enables and facilitates the organization's business objectives
Develop, socialize, implement, and support a multi-year technical roadmap of products and architectural approaches to secure our Hybrid cloud/on premise environments
Works collaboratively with internal stakeholders and partners to create a comprehensive roadmap and implement in a phased approach to realize the overall roadmap
Identifies, evaluates, and reports on cybersecurity risk related to assets. Performs an inventory of information assets and maintains the asset repository
Develop and maintain the Information Security Incident Response Playbook(s). Perform annual tabletop exercises integrating critical functions across the organization in the Incident Response Playbook
Coordinates with auditors in the execution of audits. Develops a strategy for handling audits and external assessment processes for relevant regulations
Provides support for HIPAA, GDPR, CCPA and other privacy policies across a global footprint and staying current on relevant security regulations, laws, and technologies
Evaluate, test, and assist in the selection of manual and/or automated security control solutions that promote safeguarding of assets, including monitoring compliance with approved processes
Responsible for conducting training and communications plans and programs which includes security awareness programs, security training, and security training compliance
Provides strategic and tactical security guidance for all IT projects, including the evaluation and recommendation of technical controls
Participates in the planning, design, and testing of enterprise security architecture, as well as disaster recovery & business continuity
Balance information security activities with business priorities through prioritization of security risk and mitigation activities.
Updates and enhances security policies and procedures
What makes you a good fit: (Qualifications) 12+ years of experience in a security operation center environment, 6+ year experience in managing Security Operations team
Experience and Knowledge of audit and compliance management methodology
Deep experience with penetration testing and remediation process
Has experience running embedded security engineers in development teams to educate and grow knowledge of good coding practices
Strong understanding of the ISO 27001/27002 and NIST frameworks
Working knowledge of global data privacy rules and regulations
Strong writing skills and communication skills
Demonstrated ability as an effective leader and change agent
Demonstrated ability to think strategically and make effective and timely decision
Preferred Certifications: CISSP: Certified Information Systems Security Professional
CCSP: Certified Cloud Security Professional
CCNA: Cisco Certified Network Associate Security
CCNP: Cisco Certified Network Professional Security
Benefits:
We offer a competitive benefit package for full-time employees that includes: Medical, dental and vision insurance
Flexible spending account options
Non-accrued PTO
Company paid holidays
401k Retirement Plan
Short- and Long-Term Disability
Individual compensation will be commensurate with the candidate's experience. This position will also be eligible for an annual bonus.
Salary Range
$170,000-$190,000 USD
NOTE: This job description is not intended to be all-inclusive. Employee may perform other related duties as assigned to meet the ongoing needs of the organization.
Cologix is proud to be an Equal Opportunity Employer. Qualified applicants are considered for employment without regard to age, race, color, religion, sex, national origin, sexual orientation, gender identity, disability, or veteran status. If you need assistance in applying for any of our open positions, please contact us at [email protected] or call 720-940-2551.
The California Consumer Privacy Act ("CCPA") creates privacy rights relating to the collection, sale, disclosure, and deletion of consumers' personal information. The CCPA requires businesses to provide consumers, including job applicants and employees, with information about their rights, including a description of the categories of personal information to be collected and the purpose for which the information will be used. For additional information regarding your rights, including a description of the categories of personal information to be collected and the purpose for which the information will be used, please see https://cologix.com/privacy-policy/.
Cologix' data centers are ISO 27001:2013 certified. ISO 27001:2013 certification and the Cologix portfolio of information security, information privacy and other industry recognized certifications represents our dedication to insuring the confidentiality, integrity and availability of company and customer information systems and assets. At Cologix, information security is everyone's responsibility. Cologix employees are responsible for: Understanding and following Cologix' information security, cybersecurity and privacy policies, procedures and standards.
Ensuring conformance to all information security, cybersecurity and privacy policies, procedures, and standards.
Remaining vigilant and reporting any suspicious activity or possible vulnerabilities, weaknesses, threats, or breaches in Cologix information security to company information security and privacy officers.
Actively participating in Cologix' efforts to maintain and improve information security.