At LeasePlan, we are always asking What's next in mobility.
Join our team and be part of a dynamic, exciting and engaging business, so we can discover What’s next together!
The IT Director, Security is responsible for the selection, design, justification, implementation and operation of controls and management strategies to maintain the security, confidentiality, integrity, availability, accountability and relevant compliance of information systems with legislation, regulation and LeasePlan Corporate standards. The IT Director, Security is responsible for enforcing security policies, managing organizational risk thresholds and obtaining funding for the security program and the provisioning of operational security management and administrative services. The IT Director, Security owns implementation and monitoring of technical controls for protecting confidentiality, integrity, and availability of data. The IT Director, Security must also identify control deficiencies and implement corrective actions.
The IT Director, Security will liaise with LPUS Risk department and the LP Corp Cyber Security team to ensure local and global compliance and communicate incident and risk awareness. It is the IT Director, Security's responsibility to collaborate with and influence other leaders responsible for technology to conduct their activities in ways that support a secure technical environment. Responsibilities also include general training on how to comply with security policies and apply secure working habits.
- Lead, mentor and motivate the multi-functional IT Security Analyst and Engineering team.
- Partner with managed security service providers and other external service providers as appropriate.
- Define, operate, and improve internal IT Security controls and processes.
- Establish relevant monitoring and reporting on key performance indicators.
- Contribute in all IT audits, by sourcing control evidence from a well-organized control and artifact repository.
- Facilitate the technical hardening of endpoints, networks, and applications through the application of controls and countermeasures.
- Administration of security infrastructure and tooling, to include firewalls, intrusion prevention systems, antivirus, host encryption, email security gateway, DLP, vulnerability scanning, and similar.
- Monitoring of security alerts and coordination of organizational response to security threats and incidents
- Administer our penetration testing program, including continuous testing of applications and the coordination of treatments for identified vulnerabilities.
- Contribute to the development of the annual IT budget.
- Contribute to the IT Strategic roll-up to Corporate IT Strategy Plan.
- Lead future-state security i
- Initiatives to successful completion.
- Manage internal customer relationships and expectations both within IT and with all LPUS employees.
- Lead projects to improve information security maturity.
- Oversee disaster recovery and business continuity plans and execution as it relates to security controls within the parameters of the Business Continuity Coordinator.
- Effectively manage timekeeping, conduct timely performance appraisals and follow up, ensure all employees meet training and development goals, including any other management duties for all direct reports.
- Lead the design and implementation of new and improved security capabilities across all IT and business domains
- Communicate with co-workers, team members, management, clients and others in a courteous and professional manner. Conform with and abide by all regulations, policies, work procedures and instructions. Demonstrate reliable and predictable attendance. Other duties assigned to ensure overall departmental efficiency.
- Broad knowledge of common IT security frameworks
- Knowledge of and deep experience with security subsystems (e.g. firewalls, VPN servers. IDS/IPS, etc)
- Solid knowledge of network management and security (e.g. Security best practices)
- Knowledge of all ‘areas’ of significance to IT (e.g. Servers, Desktops, voice, Internet, application development, and web technologies, etc)
- Deep knowledge of IT facility and cloud solution management
- Strong organizational skills
- Team player – desire to contribute to various projects with ability to develop detailed project plans
- Outstanding problem identification/determination skills
- Ability to assess business impact of issues, prioritize them and act to rectify
- Ability to quickly assimilate new technologies and information
- Working knowledge of relevant standards including ISO27001, COBIT, ITIL and SOC
Education: Bachelor’s Degree required.
CISSP or CISM certification required or willing to obtain per corporate requirement
Cloud Security Platform Certifications (AWS Security Specialty, Azure Security Associate) preferred
Experience: 2-4 years of experience in managing a multi-function IT team
Minimum 8+ years of experience performing IT Cyber Security functions at an Enterprise level
Skills: Agile/Scrum experience
Leader with proven track record of initiating change in an IT organization
Excellent communication skills, both verbal and written
Presentation skills for internal and external audiences
Proactive, enthusiastic attitude toward challenging problems
Capable of quickly evaluating and prioritizing new projects alongside customer feedback
Build consensus among stakeholders
Ability to work well independently and as part of a diverse team
Ability to multi-task among various assignments
Proven success in creating strategies, processes and systems for effective organizational change
NOTE: The above statements are intended to describe the general nature and level of work being performed by the employees assigned to the classification. They are not intended to be constructed as an exhaustive list to all responsibilities, duties, and skills required of personnel so classified.
Careers at LeasePlan
LeasePlan operates across more than 30 countries. With over 55 years’ experience, LeasePlan’s mission is to provide What’s next in mobility via an ’any car, anytime, anywhere’ service.
We also believe ‘you cannot grow a business; you can only grow people who can grow the business.’ LeasePlan is proud of its culture of service and care towards customers and each other, which has endured for over 55 years. By applying to work with LeasePlan, you are joining a team where you yourself will get to play a part in building the future of our business.