Description

About the Role

Bounteous x Accolite is seeking a Director of Information Security to safeguard its digital infrastructure and ensure compliance with global data protection standards. This strategic leadership position will support internal teams and clients by enforcing robust security protocols, managing vulnerabilities, and driving continuous improvements in incident response and threat detection.

Key Responsibilities:

• Drive awareness and enforcement of information security best practices
• Assess, report, and mitigate risks related to information confidentiality, integrity, and availability
• Ensure data privacy and protection compliance (e.g., GDPR, CCPA)
• Manage penetration testing, vulnerability assessments, and threat management
• Support lines of business in responding to client security assessments and certifications (SOC, ISO, etc.)
• Collaborate with IT, infrastructure, supplier risk, and cyber defense teams to address security questions
• Lead deployment of detection and compliance solutions across the organization
• Maintain and update incident response and disaster recovery plans
• Manage third-party vendor security evaluations
• Conduct security audits and ensure entitlement processes are followed
• Analyze breaches and implement long-term mitigation strategies

Required Skills:

• 10+ years of experience in information security, IT audits, or related fields
• Deep understanding of modern security tools and platforms (preferably from Gartner’s Magic Quadrant)
• Strong knowledge of vulnerability management and incident response
• Demonstrated experience with certifications such as CISSP, CISA, CISM (preferred)
• Excellent communication, problem-solving, and influencing skills
• Strong time management and ability to meet demanding deadlines
• Collaborative mindset with experience working across cross-functional teams
• Proficiency in Microsoft Office 365

Key Skills:

Information Security, Risk Management, SOC 2, ISO 27001, Compliance, CISM, CISSP, CISA, Penetration Testing, Incident Response, Cybersecurity, Vulnerability Management, Governance, Security Audits, Data Protection, Privacy Laws, Cloud Security, Third-Party Risk

Preferred Skills:

• Experience handling client security audits and third-party risk assessments
• Exposure to SOC/ISO compliance implementation
• Hands-on experience with penetration testing tools and incident remediation
• Strategic thinking with an eye for execution and accountability