Director of Information Security and Data Governance

Tecta America Commercial Roofing

The Role

Overview

Lead enterprise cybersecurity and data governance for a distributed roofing company

Key Responsibilities

  • backup management
  • endpoint protection
  • firewall management
  • incident response
  • risk assessments
  • data governance

Tasks

  • Leverage Veeam backups and disaster recovery solutions to ensure data availability and resilience in case of cyber incidents or natural disasters.
  • Monitor and respond to security alerts, utilizing SentinelOne and other tools to investigate, contain, and mitigate potential threats in real time.
  • Coordinate with external vendors to ensure data security standards are maintained for managed services and third-party integrations.
  • Mentor and support cross-functional teams in integrating security into their workflows and operational processes.
  • Lead the development and execution of an incident response plan that addresses potential data breaches, ransomware attacks, and other security incidents.
  • Serve as a thought leader in the organization, guiding teams on emerging threats, industry best practices, and innovative security solutions.
  • Collaborate with IT Operations to embed security across all IT initiatives and operations, ensuring proactive security measures are taken from the start.
  • Develop and execute a company-wide security awareness program to educate employees on the importance of data protection and best practices for securing sensitive information.
  • Provide targeted training on phishing prevention, secure data handling, and threat awareness, tailored to employees at all levels of the organization.
  • Partner with the CIO to define and implement a roadmap for evolving the organization’s security strategy, with the goal of transitioning into a CISO role as the company’s security needs mature.
  • Develop and enforce policies to mitigate risks associated with cloud-based services, on-premise infrastructure, and remote locations.
  • Oversee the implementation and management of Fortinet firewalls for network security, ensuring optimal performance in protecting internal and external assets.
  • Work closely with development teams to integrate secure software development practices (e.g., threat modeling, secure coding, code reviews, and penetration testing) into the SDLC for in-house developed software solutions.
  • Lead the management and optimization of SentinelOne for endpoint protection, ensuring the security of devices across the organization and the rapid detection of potential threats.
  • Develop and enforce a data governance framework to classify, protect, and secure sensitive data across the company’s distributed operations.
  • Ensure compliance with relevant data privacy and security regulations (e.g., GDPR, CCPA, SOC 2, ISO 27001) and guide the company through audit and certification processes.
  • Oversee the management and configuration of Fortinet firewalls, SentinelOne endpoint protection, and Veeam backup systems to ensure continuous data protection and rapid incident detection and recovery.
  • Develop and execute a comprehensive cybersecurity strategy, with a focus on risk management, threat detection, and incident response.
  • Conduct regular security risk assessments, vulnerability scanning, and penetration testing to identify and address potential threats.
  • Implement and maintain encryption and access control mechanisms to safeguard PII, financial data, and other sensitive information.

Requirements

  • Fortinet
  • VMware
  • Veeam
  • SentinelOne
  • CISSP
  • 7+ years

What You Bring

  • Excellent problem-solving, leadership, and communication skills, with the ability to influence and collaborate across teams.
  • Hands-on experience managing Fortinet firewalls, SentinelOne, VMware servers, and Veeam backups in an enterprise environment.
  • Strong understanding of cybersecurity frameworks (e.g., NIST, ISO 27001) and data privacy regulations (e.g., GDPR, CCPA).
  • 7+ years of experience in IT security or cybersecurity, with experience in endpoint protection, network security, and data governance.
  • Expertise in Fortinet firewalls, SentinelOne endpoint protection, VMware server security, and Veeam backup solutions.
  • Familiarity with Fortinet NSE certifications or VMware certifications is a plus.
  • Experience with email protection platforms (Proofpoint, Abnormal & KnowBe4).
  • Bachelor’s degree in Information Security, Computer Science, or a related field.
  • CISSP, CISM, or similar cybersecurity certifications (preferred but not required).

The Company

About Tecta America Commercial Roofing

  • Focuses on high-quality roofing services.
  • Provides tailored roofing solutions.
  • Handles a wide range of projects from new installations to complex repairs.
  • Experts in energy-efficient roofing systems.
  • Supports the utilities sector with specialized roofing.
  • Known for exceptional customer service and project delivery.
  • Operates a network of regional offices leveraging local expertise.

Sector Specialisms

Commercial

Architectural Metals

Waterproofing