IAT has an immediate opening for an Information Security Officer
(CISO) & Infrastructure Operations AVP. This role will provide
technical expertise and executive leadership to all aspects of
information security and IT infrastructure operations. Responsible
for establishing and maintaining the Information Security strategy,
architecture, and multi-year roadmap that ensures that the companys
information assets are adequately protected. This position is also
operationally responsible for ensuring the availability, integrity,
and scalability for all IT systems and infrastructure.
This is a key leadership position that will direct the teams in
charge of information security, cloud services, compute & backup
services, network services, unified communications, and
Develop and implement a strategic, long-term information
security strategy and roadmap to ensure that IATs information
assets are adequately protected.
Work with senior leaders across the business and IT to assess and
communicate acceptable levels of risk.
Chair the IAT security steering committee.
Identify, evaluate and report on information security risks to the
IAT Security Committee and the IAT Board and provide subject matter
expertise on security standards and best practices (e.g. NY DFS
Lead the development of up-to-date information security policies,
procedures, standards, and guidelines, and oversee their approval,
dissemination, and maintenance.
Monitor the industry and external environment for emerging threats
and advise relevant stakeholders on appropriate courses of
Act as the champion for the enterprise information security program
and foster a security-aware culture.
Oversee the evaluation, selection, and implementation of
information security solutions that are innovative, cost-effective,
and minimally disruptive.
Partner with enterprise architects, infrastructure, and
applications teams to ensure that technologies are developed and
maintained according to security policies and guidelines.
Manage regular intrusion detection and vulnerability reporting,
internal and external IT audit groups reviews, and the coordination
of all required fixes.
Develop business metrics to measure the effectiveness of the
security management program and increase the maturity of the
cybersecurity program over time.
Lead the periodic automated and/or manual security vulnerability
assessments to identify patch, configuration, and code-related
Liaise with external auditing agencies to ensure that the
organization maintains a strong security posture.
Oversee incident response planning and the investigation of
security breaches and assist with any associated disciplinary and
Oversee and lead the creation, communication, and implementation of
a process for managing vendor risk and other third-party risks.
Lead due diligence and post-integration activities related to
information security for all M&A activity.
Lead or commission activities relating to contingency planning,
business continuity management, and IT disaster recovery in
conjunction with relevant functions and third parties
Infrastructure Operations Responsibilities:
Accountable for a high-performing computing infrastructure
companywide. This includes, but is not limited to, planning and
management of computer operations and production support, business
continuity, network operations, telecom, and cloud services.
Collaborate with the VP of Infrastructure and the Platform
Engineering Director to help develop strategic and tactical
solution plans for IT, especially IATs future technology
Conduct strategic and tactical level planning in partnership with
peers in IT Infrastructure to develop a technical roadmap and
ensure delivery of supportable technology solutions that meet
Partner with the VP of Infrastructure and the Platform Engineering
Director to build and modernize the organizational structure and
business processes to support our growth in an increasingly digital
Manage the evaluation and adoption of emerging technologies
including cloud, software-defined networking, high-performance
computing, and the latest collaboration technologies.
Develop and lead a high performing infrastructure operations team
to ensure the reliable delivery of IT services and operations.
Establish, maintain and execute operations procedures that leverage
efficiencies and best practices.
Oversee infrastructure service management activities including
incident, change, and request management.
Oversee the direction of infrastructure investments in
collaboration with team members, VP of Infrastructure, and the
Platform Engineering Director.
Oversee cybersecurity protections on all IT infrastructure
resources according to policies and standards.
Work with the Platform Delivery team to help drive the delivery of
major technology and infrastructure projects and service management
Implement and maintain controls and monitoring procedures to ensure
availability of critical systems and minimal service
Bachelors Degree in computer science, engineering, or a related
field Minimum 15 years of IT Infrastructure and/or IT Development
leadership experience, and 10+ years of information
A background in technical IT roles such as IT architecture,
development, or infrastructure operations, with a clear and abiding
interest in information security is preferred A proven track record
in developing information security policies and procedures, and
Extensive knowledge of business risk, risk assessment, and
risk-based decision making.
Able to communicate security and risk-related concepts to both
technical and non-technical audiences (in business terms),
including board level.
Ability to evangelize IT security to make it a critical part of
business operations; build trust and respect for the security
Ability to effectively prioritize and execute tasks in
Knowledge of security, risk, and control frameworks and standards
such as NIST, Center for Internet Security Critical Security
Controls, and ITIL.
Security technology acumen and experience including but not limited
to: firewall, intrusion detection, cyber-attack tools and defenses,
encryption, certificate authority, web filtering, anti-malware,
anti-phishing, identity and access management, multi-factor
Substantial experience leading, directing, and controlling a
complex, highly technical operational organization.
Understanding of cloud, IaaS, PaaS, and SaaS architectures, and
their implications on information security strategy.
Extensive knowledge of infrastructure systems and operations, cloud
computing and cloud operations, networking, virtualization,
disaster recovery, business continuity, Unified Communications, and
A track record of working collaboratively and productively with
Absolutely trustworthy with high standards of personal integrity
(demonstrated by an unblemished career history, complete lack of
criminal convictions, etc.), and willing to undergo vetting and/or
personality assessments to verify this if necessary Excellent
written and verbal communication, interpersonal and collaborative
Experienced with contract and vendor negotiations.
Professional certifications, such as a CISSP, CISM, CISA.
To qualify, all applicants must be authorized to work in the United
States and must not require, now or in the future, VISA sponsorship
for employment purposes
We are proud to be an EEO/AA employer M/F/D/V. We maintain a
drug-free workplace and participate in E-Verify.
To be formally considered one must apply online through the IAT
Applicants should monitor their email for status updates and or
IAT Recruiter: Steve Morley | Senior Recruiter