4 Year Degree
The Information Security Director serves as the process owner for all ongoing activities that serve to provide appropriate access to and protect the confidentiality and integrity of customer, employee, and business information in compliance with organization policies and standards.
- Develop, implement, and manage the overall enterprise process for information security strategy and associated architecture and engineering standards.
- Manage the development and implementation of security policy, standards, guidelines and procedures to ensure ongoing maintenance of security.
- Identify protection goals, objectives and metrics consistent with corporate strategic plan and work with leadership to prioritize security initiatives and spending based on appropriate risk management and/or financial methodology.
- Oversee the team of security employees and vendors who safeguard the company's assets, intellectual property and computer systems.
- Oversee the development of, and be the enterprise champion of, a corporate security awareness and training program.
- Perform information security risk assessments and serves as an internal auditor for security issues
- Assist Internal Audits in the development of appropriate criteria needed to assess the level of new/existing applications and/or technology infrastructure elements for compliance with enterprise security standards.
- Serve as the enterprise focal point and oversee incident response planning as well as the investigation of security breaches, and assist with disciplinary and legal matters associated with such breaches, as necessary.
- Serve as an internal information security consultant to the organization. Assist in the review of applications and/or technology environments during the development or acquisitions process to: (a) assure compliance with corporate security policies and directions and (b) assist in the overall integration into PennyMac’s technology environment.
Work with outside consultants as appropriate for independent security audits
Required Minimum Education:
4 Year college degree (Bachelor or equivalent)
Required Minimum Experience:
Skills & Abilities: (Include any required computer skills, regulatory knowledge, certifications, licenses, languages, etc)
- Over 5 years equivalent work experience in the field of leading security teams.
- CISSP, CISM or other recognized Security Certification is preferred.
- Strong interpersonal and oral communication skills. Highly self-motivated and directed with strong organizational skills. Excellent attention to detail.
- Must be an intelligent, articulate and persuasive leader who can serve as an effective member of the senior management team and who is able to communicate security-related concepts to a broad range of technical and non-technical staff.
- Ability to effectively prioritize and execute tasks in a high-pressure environment
- Excellent knowledge of technology environments, including information security, building security, and defense solutions
- Knowledge of applicable practices and laws relating to data privacy and protection
- Knowledge of law enforcement practices and procedures
- High level of analytical and problem-solving abilities
- Ability to conduct research into security issues and products as required.
PennyMac is an Equal Opportunity Employer