Director, IT Security

Denver, CO, United States

About our Company:

Based in Denver, Colorado, Cologix is North America's leading network-neutral interconnection and hyperscale edge data center company. Our platform gives customers access to 40+ digital edge and ScalelogixSM hyperscale edge data centers in 11 markets across the United States and Canada along with a carrier-dense ecosystem of 700+ networks, 360+ cloud providers, 30+ onramps and six Internet exchanges. We provide our nearly 2,000 customers with direct access to our local operations teams, resulting in strong partnerships enabled by exceptional operational support and unparalleled customer service. Backed by one of the largest North American infrastructure funds, Cologix's experienced leadership team, certified staff and commitment to ESG initiatives help form a culture that values our people, our environment and our clients.

About the Position:

Cologix is hiring for a Director IT Security who will be responsible for designing, implementing, and continually improving the security solutions identified in the organization's security program to ensure that all information assets and associated technology, applications, systems, infrastructure, and processes are adequately protected.

You will be responsible for day-to-day security operations including supporting and maintaining a wide range of information security products that monitor and provide compliance across the digital assets owned, controlled and/or processed by the organization.

The Director IT Security must be knowledgeable with the operation, maintenance and functionality of firewalls and endpoint security systems. The ideal candidate is dedicated and passionate about cyber security technologies and is constantly learning and evolving to have awareness of current hacking techniques and cybercrime and keeps pace with the industry's latest trends to address these threats.

What you do daily:

Be the focal point for security incident response planning, execution, and awareness. Respond to and troubleshoot security incidents, and provide on-call support

Responsible for providing strategic direction and compliance of Customer Identity and Authentication

Leads, develops, and maintains technology policies, processes, procedures, and key metrics related to all internal and cloud systems

Leads a high performing team of security professionals, including building individual development plans and performance reviews.

Manages professional relations with employees, vendors, and clients in respect to information security circumstances

Understands SRE and Security principles to ensure the best availability and safety of our customers

Deep understanding of identity systems, security threats, code validation tools, cryptographic algorithms

Identifies and ensures implementation of best practices, policies, standards, baselines, guidelines, and procedures

Responsible for the identification, investigation, and resolution of security incidents

Participates in the planning, design, and testing of enterprise security architecture, as well as disaster recovery & business continuity

Updates and enhances security policies and procedures

Recommends additional security solutions or enhancements to existing security solutions to improve overall enterprise security posture

Participates in the design and execution of vulnerability assessments, penetration tests and security audits

Develops and implements security strategy for the organization. Advises executive leadership on the security vision that is aligned to organizational priorities and enables and facilitates the organization's business objectives

Develop, socialize, implement, and support a multi-year technical roadmap of products and architectural approaches to secure our Hybrid cloud/on premise environments

Works collaboratively with internal stakeholders and partners to create a comprehensive roadmap and implement in a phased approach to realize the overall roadmap

Identifies, evaluates, and reports on cybersecurity risk related to assets. Performs an inventory of information assets and maintains the asset repository

Develop and maintain the Information Security Incident Response Playbook(s). Perform annual tabletop exercises integrating critical functions across the organization in the Incident Response Playbook

Coordinates with auditors in the execution of audits. Develops a strategy for handling audits and external assessment processes for relevant regulations

Provides support for HIPAA, GDPR, CCPA and other privacy policies across a global footprint and staying current on relevant security regulations, laws, and technologies

Evaluate, test, and assist in the selection of manual and/or automated security control solutions that promote safeguarding of assets, including monitoring compliance with approved processes

Responsible for conducting training and communications plans and programs which includes security awareness programs, security training, and security training compliance

Provides strategic and tactical security guidance for all IT projects, including the evaluation and recommendation of technical controls

Participates in the planning, design, and testing of enterprise security architecture, as well as disaster recovery & business continuity

Balance information security activities with business priorities through prioritization of security risk and mitigation activities.

Updates and enhances security policies and procedures

What makes you a good fit: (Qualifications) 12+ years of experience in a security operation center environment, 6+ year experience in managing Security Operations team

Experience and Knowledge of audit and compliance management methodology

Deep experience with penetration testing and remediation process

Has experience running embedded security engineers in development teams to educate and grow knowledge of good coding practices

Strong understanding of the ISO 27001/27002 and NIST frameworks

Working knowledge of global data privacy rules and regulations

Strong writing skills and communication skills

Demonstrated ability as an effective leader and change agent

Demonstrated ability to think strategically and make effective and timely decision

Preferred Certifications: CISSP: Certified Information Systems Security Professional

CCSP: Certified Cloud Security Professional

CCNA: Cisco Certified Network Associate Security

CCNP: Cisco Certified Network Professional Security

Benefits:

We offer a competitive benefit package for full-time employees that includes: Medical, dental and vision insurance

Flexible spending account options

Non-accrued PTO

Company paid holidays

401k Retirement Plan

Short- and Long-Term Disability

Individual compensation will be commensurate with the candidate's experience. This position will also be eligible for an annual bonus.

Salary Range

$170,000-$190,000 USD

NOTE: This job description is not intended to be all-inclusive. Employee may perform other related duties as assigned to meet the ongoing needs of the organization.

Cologix is proud to be an Equal Opportunity Employer. Qualified applicants are considered for employment without regard to age, race, color, religion, sex, national origin, sexual orientation, gender identity, disability, or veteran status. If you need assistance in applying for any of our open positions, please contact us at [email protected] or call 720-940-2551.

The California Consumer Privacy Act ("CCPA") creates privacy rights relating to the collection, sale, disclosure, and deletion of consumers' personal information. The CCPA requires businesses to provide consumers, including job applicants and employees, with information about their rights, including a description of the categories of personal information to be collected and the purpose for which the information will be used. For additional information regarding your rights, including a description of the categories of personal information to be collected and the purpose for which the information will be used, please see https://cologix.com/privacy-policy/.

Cologix' data centers are ISO 27001:2013 certified. ISO 27001:2013 certification and the Cologix portfolio of information security, information privacy and other industry recognized certifications represents our dedication to insuring the confidentiality, integrity and availability of company and customer information systems and assets. At Cologix, information security is everyone's responsibility. Cologix employees are responsible for: Understanding and following Cologix' information security, cybersecurity and privacy policies, procedures and standards.

Ensuring conformance to all information security, cybersecurity and privacy policies, procedures, and standards.

Remaining vigilant and reporting any suspicious activity or possible vulnerabilities, weaknesses, threats, or breaches in Cologix information security to company information security and privacy officers.

Actively participating in Cologix' efforts to maintain and improve information security.