KnoxvilleRecruiter Since 2001
the smart solution for Knoxville jobs

Director of Information & Application Security

Company: Tombras
Location: Knoxville
Posted on: November 19, 2021

Job Description:

Tombras, a 400+ person, full-service, national advertising agency with a digital mindset, is seeking to fill a Director of Information and Application Security position. The Director of Information and Application Security will report to the Chief Information Officer.
You'll be joining one of the top independent agencies in North America. We blur the lines between a creative agency, a digital agency and a management consultancy. Our digital offering is married to the discipline and rigor of our Effie-winning strategists and Cannes Lion-winning creative directors. We are united by our philosophy: Connecting Data & Creativity for Business Results. You'll also be a part of a highly creative agency that has been recognized by Advertising Age, Adweek, Communication Arts, Fast Company, Forbes and Fortune. Tombras was recently named one of Ad Age A-List Agencies to Watch.
This position can be remote or in Knoxville, TN.
What you will be doing:

Corporate Security Leadership

  • Define standards, strategies, programs, and policies where required to span all areas of the company that impact Information Security, Governance and Compliance.
  • Partner with Leadership, IT, and other Business Service teams (Legal, HR, Support, Procurement) to ensure programs are executed in adherence to corporate standards. Manage InfoSec projects that may span multiple teams. Provide guidance and counsel while building relationships and goodwill.
  • Work with IT leaders to understand their product line programs and roadmaps for alignment with the Company's Information Security policies.
  • Provide oversight of corporate efforts to gain industry certifications such as SOC2 Type II, ISO 27001, NIST 800-53.
  • Manage company-wide Information Security governance processes.
  • Own Information Security readiness, providing training and communication that promote a "security first" mindset and practice across the organization.
  • Prepare and conduct regular Information Security briefings with the executive team.

Policy, Compliance, Audits

  • Manage periodic review and implementation of, and compliance with, the Company's Information Security Policies.
  • Develop a Company-wide strategy for Information Security audits, and coordinate and track those audits where required. Act as the key point of contact across corporate shared services for internal / external security audits, including those that support certifications and compliance. Provide guidance and advocacy on audit responses at the corporate level.
  • Establish security compliance goals, reporting, and a roadmap for continual improvement.

Risk Management and Incident Response

  • Define processes and procedures to recognize, assess, and address changes that have the potential to introduce increased Information Security risk at the company-wide level.
  • Participate in data breach incident response. Provide leadership for breach response and notice actions, owning the corporate data breach responses to customers, regulators, and other stakeholders.

Application Security

  • Establish a DevSecOps program to complement the organization's IT operations, including monitoring and reporting capabilities.
  • Work directly with DevOps to implement an application security program to complement the organization's Systems Development Life Cycle.
  • Provide architectural security guidance to Technical Directors.
  • Raise awareness of risk management to all development teams.

Security Advocacy and Customer Engagement

  • Engage with customers and prospects as an Information Security subject expert and advocate. Create white papers and other materials to communicate Information Security policies and procedures.
  • Manage the Data Governance and Compliance program so that handling of customer data assets adheres to privacy and regulatory requirements.
  • Review customer contracts for security, privacy, and technical requirements in partnership with the Account and Legal teams.

What you bring:

  • 7+ years of experience in Information Security working at the management level.
  • Experience with contract and vendor negotiations.
  • Excellent teamwork, problem solving, and risk-based prioritization skills.
  • Experience in an internal leadership role and a position involving engagement with customers, regulators and vendors.
  • Strong verbal and written communication, including the ability to translate technically complex issues into easy-to-understand concepts.
  • Information Security professional certifications (CISSP or other).
  • Working knowledge of Information Security certification processes such as SOC2, HIPAA, GDPR and CCPA.

Why you'll want to work at Tombras:

  • New, modern building in downtown Knoxville
  • Dog-friendly office
  • Casual dress & environment
  • Free Parking
  • 11 Paid Holidays
  • Paid Volunteer Days
  • Generous parental leave for primary and non-primary caregivers
  • Medical (PPO or High Deductible option) for employee + dependents
  • Employer-paid Dental & Vision
  • Employee Assistance Program for employees + dependents
    • Includes 3 free counseling sessions per life event
  • HSA Employer Contributions
  • Dependent Care FSA Option
  • Employer-paid life and disability insurance
  • 401(k) Participation + discretionary employer contribution
  • Highly collaborative and high-energy work environment
  • Model of ongoing feedback for continuous career growth and development
  • A company culture of promotions from within and an atmosphere allowing for varied and rapid career development

This position will be based remotely to start and can remain remote or be based in our Knoxville office when our offices reopen later this year. If you haven't heard, Knoxville is one of the coolest cities (just ask HuffPost, Buzzfeed and Forbes).
Tombras is proud to be an equal opportunity employer dedicated to pursuing and hiring a diverse workforce. All qualified applicants will receive consideration for employment without regard to their race, color, culture, ethnicity, sex, gender identity and expression, nation of origin, age, veteran's status, religion, disability, sexual orientation, appearance, opinions, beliefs and more.
This job description is not designed to cover or contain a comprehensive listing of activities, duties, or responsibilities that are required of the employee. Duties, responsibilities, and activities may change or new ones may be assigned at any time with or without notice. Job may require traveling overnight, driving long distances as required, and sitting for extended periods of time with occasional walking and standing and occasionally lifting or carrying articles weighing less than 10 pounds.
Remote employees must be based in the United States.
