Associate Director Of Information Security

Title of Position: Associate Director of Information Security

Summary of Position:

The Associate Director of Information Security works closely with the information security team and internal departments in implementing, and managing comprehensive information security strategies, policies, and programs to safeguard our company's data, systems, and networks. The ideal candidate will have a deep understanding of cybersecurity best practices, a proven track record of successfully leading security initiatives, and the ability to collaborate across departments to ensure the highest level of protection for our organization's digital assets. Exceptional communication, high-integrity and interpersonal skills are a must.

Principal Job Responsibilities:

• Strategy and Leadership:

• Execute a comprehensive information security strategy that aligns with business objectives, regulatory requirements, and industry best practices.

• Collaborate with senior leaders to communicate the importance of security initiatives and gain buy-in for security investments.

• Lead a team of cybersecurity analysts.

• Risk Management:

• Identify and assess potential security risks and vulnerabilities, conducting regular risk assessments to prioritize mitigation efforts.

• Implement risk management frameworks and controls to minimize exposure to cyber threats and incidents.

• Establish incident response plans and ensure the organization is prepared to effectively manage and recover from security incidents.

• Security Architecture:

• Maintain a robust security architecture that safeguards critical systems, data, and networks against emerging threats. Identify risks within those systems along with recommendations on how to remediate those risks.

• Evaluate and recommend security technologies, tools, and services to enhance the organization's security posture.

• Collaborate with the IT team to ensure that security measures are integrated into system and network designs.

• Compliance and Governance:

• Ensure compliance with relevant industry standards and regulatory requirements.

• Establish and maintain security policies, procedures, and guidelines that reflect current security best practices and regulatory mandates.

• Conduct regular audits and assessments to monitor adherence to security policies and controls.

• Security Awareness and Training:

• Deliver security awareness programs to educate employees about security risks and best practices.

• Vendor and Third-Party Risk Management:

• Assess the security posture of third-party vendors and partners, ensuring they meet established security requirements.

• Collaborate with departments to include security considerations in vendor contracts and agreements.

General Skills & Qualifications:

Education: A bachelor's degree in Information Security, Computer Science, or a related field. Industry-recognized certifications such as CISSP, CISM, CISA, or equivalent. Proven experience (8+ years) in information security, with at least 3-5 years in a leadership or managerial role. In-depth knowledge of cybersecurity technologies, practices, and frameworks. Excellent leadership, communication, and interpersonal skills. Demonstrated ability to influence and collaborate with cross-functional teams.

The DNA of a Gateway Leader

At Gateway, we seek to build and nurture a culture for our organization that produces and protects a God-honoring atmosphere. We lay the foundation for this cultural expression by personally living out Gateway's values and instilling them in all who work alongside us on our staff. Our values can be described by three words: spiritual, professional, and relational. By upholding these values and our social covenant, we can better serve the kingdom through our vision, mission, and purpose.

Spiritual

Being spiritual is having God-centered influence grounded in scriptural truth and empowered by the Holy Spirit. We value being teachable and humble, fostering a culture of kindness, trust, loyalty, and honor. We are also servant-hearted as we focus on building the kingdom and being full of faith to hear, believe, and obey God.

Professional

Being professional is producing high-quality work in a productive manner while operating in a culture of excellence, not perfectionism, to support Gateway's mission. We steward Gateway's vision and purpose while upholding high leadership standards regardless of position and lead with love, remaining above reproach in our conduct.

Relational

Being relational is valuing relationships over results. We show integrity by being humble, honest, trustworthy, and accountable to one another and the Lord. We are unified in supporting the needs of our organization-collaborating together, being approachable in every situation, and having fun along the way! We are also compassionate-always extending mercy and grace balanced with truth.

General Physical Requirements:

The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of the job. While performing the duties of this Job, the employee is regularly required to:

• Sit/stand for long periods of time

• Occasionally kneel, or crouch

• This description is not all inclusive, and other duties may be assigned as necessary.

Gateway Church does not discriminate in employment opportunities or practices on the basis of race, color, sex, national origin, age, disability, or any other characteristic protected by law as it applies to churches; however, Gateway Church does discriminate on the basis of religion.

Employment Requirement: All Staff must be a member or become a member of Gateway Church upon employment.