This job has expired and you can't apply for it anymore.
Location: Milwaukee, Wisconsin
Country: United States
Industry: Accounting/Finance
Position type: Full Time
Experience level: Entry Level
Education level: Bachelor's Degree

Director of Information Security

Baird is seeking a proven leader to provide strategic direction for, and ensure the integrity of, a firm-wide Information Security Program. You will coordinate its development, maintenance, enhancement and execution while leading change and driving results across long-lived projects and short-term tactical problem solving. You will utilize well-rounded business operations knowledge and respond to complex information security-related questions and inquiries from internal and external clients. You will engage with diverse stakeholders, motivate project team members, build and develop talent, and collaborate with business teams as a solution partner. Success will come from previous experience with Information Security initiatives for mid-to-large scale organizations, including developing and monitoring information security policies and programs and managing multiple projects in information security, privacy and data leakage protection. Utilizing expertise in third-party vendor assessments, due diligence reviews and technology evaluations will be critical to success.

As a Director of Information Security you will:

Information Security:
  • Identify and assess significant information security risks. Plan, coordinate and maintain an Information Security program for Baird globally, including developing and monitoring information security policies; facilitating information security governance; executing ongoing risk assessment processes; investigating breaches; managing relevant budgets; and advancing the program in a culturally aware style that improves the likelihood of success at Baird.
  • Identify, develop, and maintain information security and related third-party due diligence processes across the organization to reduce risks, respond to incidents, and limit exposure to liability.
  • Master an understanding of the regulatory and audit requirements with respect to information security issues, ensuring security program compliance with relevant laws, regulations and policies.
  • Stay current on changes in the financial services industry, Baird products and services, and information security terms, concepts, practices, and policies.
  • Address or escalate information security issues and concerns to the Chief Risk Officer. Keep senior management apprised of the status of information security issues and initiatives.
  • Communicate and collaborate effectively with vendors, clients and stakeholders to address complex information security and related third-party due diligence issues by finding a way to balance diverse stakeholder interests into practical solutions.
  • Support information security awareness throughout the organization to educate associates on information security risks and solutions; influence stakeholders to best outcomes.
  • Advise Business-IT project teams on specific information security approaches and requirements.
  • Assist the IT department as necessary with Baird's technical infrastructure including the information security architecture, network architecture, system security designs and management of information security systems.
  • Develop close working relationships with management, company peers, and industry counterparts to ensure alignment of company goals with current information security industry and regulatory trends.
  • Calmly, succinctly and comprehensively assist with or lead information security tactical crisis management activities.
Privacy:
  • Provide, develop, guide and/or assist in the identification, implementation and maintenance of organization information privacy policies and procedures in coordination with legal, compliance and business management.
  • Participate in the development, implementation and ongoing compliance monitoring of vendor agreements to ensure privacy concerns, requirements and responsibilities are addressed.
  • Establish and administer a process for receiving, documenting, tracking, investigating and taking action on all complaints concerning the organization's privacy policies and procedures, in coordination and collaboration with other similar functions and, when necessary, legal counsel.
  • Ensure compliance with privacy practices and consistent application of discipline for failure to comply with privacy policies for all individuals in the firm, extended workforce and for all business associates, in cooperation with appropriate stakeholders.
  • Work with all organization personnel involved with any aspect of release of protected information to ensure full coordination and cooperation under the organization's policies, processes and legal requirements.
  • Maintain current knowledge of applicable federal and state privacy laws and monitor advancements in information privacy technologies to ensure organizational adaptation and compliance.

Insurance:
  • Manage corporate insurance programs including international operations.
  • Work with finance, legal, operations, facilities and business units and IT management to identify and evaluate the company's insurance risks.
  • Negotiate and recommend the most cost-effective options for appropriate limit, retention and premium rates.
  • Review policies and identify and analyze risk mitigation and transfer.
  • Manage third party service providers, including brokers and insurers. Monitor and resolve outstanding claims.
  • Manage insurance data for reports and coordinate data gathering for renewals and new coverage.
  • Understand when issues must be elevated and clearly communicate recommendations.

What makes this opportunity great:
  • Information Security is a key firm initiative and this role is critical to firm success.
  • Highly visible leadership role with opportunity to work across the firm.
  • Unique culture that values diverse backgrounds and perspectives while emphasizing teamwork and a strong sense of partnership.
What we look for:
  • Bachelor's degree in related area required. Minimum of 5-7 years prior experience working with Information Security required. Two or more years of previous management experience beneficial.
  • Understanding of Financial Services in the areas in which Baird competes, and specifically Baird's businesses, would be ideal.
  • Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Global Information Assurance Certification (GIAC) or equivalent security certifications desired.
  • In-depth knowledge of information security and privacy concepts and their application in specific areas, including NIST and ISO 27001 frameworks. In-depth knowledge of information security technologies and architectures and their application to mitigate specific environmental risks within the network, systems and data structures.
  • Must be a flexible, fast learner who is self-aware in diverse group situations and calm under fire, with a proven history of exhibiting credibility, inspiring trust and influencing stakeholders to attain best outcomes in complex organizations as well as in small groups.
  • Ability to innovate and execute projects independently.
  • Expert knowledge of specific technologies and associated information security considerations. Advanced understanding of industry-related information security products, services, and practices.
  • Strong teamwork and team building skills. Proven track record of developing solid working relationships with associates at all levels.
  • Excellent oral and written communication skills.