5+ years of experience
Concerned about your lack of experience? Learn More...
Employment Type:
Full time
Job Category:
Information Services
Cyber Security Strategy Director - 17-12480
(This job is no longer available)
Grad Date

Not sure what types of jobs you are interested in?

Explore Jobs
Based on Your Education

Follow This Company

Job Description

The Cyber Security Strategy team is responsible for defining the cyber security strategic roadmap by interfacing with core business functions and technology teams to identify required future state security capabilities, working with internal cyber security team to secure the threat landscape, and considering strategic risk areas of the organization.


  • Strategy planning, security architecture design and review
  • Works on broad, highly-visible, strategic projects in an extremely complex and evolving technical and business environment.
  • Formally or informally leading and managing/mentoring cyber security specialists
  • Leverage their existing cyber security knowledge and their risk management background to drive an advanced Cyber Security Program in a fast-paced environment.
  • Document the strategy and identify improvement initiatives for the information security program
  • Establish program-wide metrics (KRIs and KPIs) to communicate risk, demonstrate progress and build awareness of information security program performance.
  • Define and manage a Cyber Security Engagement model that enables other team members to leverage Cyber Security team services to secure company data.
  • Influence cyber security capability maturity by identifying relevant security industry practices and partnering across the organization to implement improvement projects.
  • Drive cyber security requirement for adoption of a GRC tool and integrate with the Cyber Security metrics program. Work hand in hand with security program management and tactical deployment teams to ensure alignment with strategy and vision.
  • Maintain regular engagement and proactive partnership with business and technology teams to ensure assigned strategies align with business and technical needs, requirements, and constraints
  • Maintain a catalogue of high level security capabilities for all assigned strategies.
  • Support additional aspects of security strategy, including: Provide expert input into the collective cyber security strategy to ensure that future security investments are aligned appropriately when considering key priorities such as business requirements, industry threat landscape, and risk appetite.
  • Provide expert security input to solution deployments to help ensure that solutions deployed, and corresponding information assets, are aligned with our security strategy.
  • Defining and maintaining security capability catalogues to support the information security strategy agenda. Partner with business and technology to provide expert security guidance into design and implementation of enterprise security capabilities.
  • Analyze market and industry trends and adjust security strategy accordingly
  • Be the Cyber Security liaison with Corporate Audit Staff (CAS) to identify strategic initiatives for CAS IT Manager that drive cyber security governance and compliance
  • Assist with program brand development and implementation of communication strategies.
  • Serve as program spokesperson; plan and publish content and deliver internal and external program communications to the appropriate audience through various channels.
  • Train, coach, and share technical and business knowledge with less experienced staff
  • Prepare Management and Executive reports to convey the results of assessments and strategic initiatives Influence strategy for engaging with strategic businesses and defining the process of engagement
  • Participate on project teams
  • Assist with Cyber Security processes and programs
  • Demonstrate excellent project management skills and the ability to deliver in a fast paced environment

Position requirements:

  • Bachelors Degree from an accredited college or university with a major in Computer Information Systems or research related discipline or a minimum of 5+ years of direct Information Security experience, an MBA is preferred but not required.
  • 12+ years IT experience with 5+ years' experience in solutions development and 5+ years' experience with strategic partners/clients and 7+ years with Information Security experience, preferred at the Architect level
  • Security certifications a plus: CISSP, CISM, CISA, Privacy, ITIL, etc.
  • Familiarity with and understanding of information security technologies and control
  • Experience in application architecture and design techniques and familiarity with data modelling and relational database techniques
  • Experience providing and validating security requirements related to information system design, implementation and business processes
  • Knowledge of common information security standards, such as: ISO 27001/27002, NIST, PCI DSS, ITIL, COBIT.
  • Basic Understanding of System Development Life Cycle methodology
  • Cloud computing standards and controls a plus
  • A bias for change and the ability to influence a team toward quality and success
  • Strong communication, persuasion, interpersonal and presentation skills
  • Ability to effectively manage multiple competing initiatives
  • Able to listen and quickly distill a situation and recommend a course of action to drive on-time,on-budget delivery of project deliverables or client escalations
  • Client-facing experience with the ability to translate between internal operations, technology and client business needs
  • Media, in particular video or research industry experience is a plus.


Applicants must be eligible to work in the specified location