Director of Security - Hybrid in Atlanta, GA (3x per week)
Optomi, in partnership with a leading distributor in North America is looking to add a Director of Security to their team! The Director of Security will be responsible for developing and implementing comprehensive security policies, procedures, and technologies to protect the organization's assets, data, and infrastructure. This role requires a dynamic leader with a strong background in security management, incident response, risk assessment, and regulatory compliance.
The Director of Security will start with no direct reports, but will help build out the risk program and eventually build a team underneath them. This person will start by helping the company complete their CMMC certification, work on improving any 3rd party risk questionnaires, document policies, and review annual pen tests. This role is for someone familiar working in a small environment and is comfortable wearing multiple hats as this program gets built out.
The ideal candidate will have strong CMMC knowledge and experience building programs in the past.
What You Will Do:
Develop and implement a strategic security program to protect the organization's data, infrastructure, and assets.
Ensure alignment of security initiatives with business objectives.
Establish security goals, objectives, and metrics to measure effectiveness.
Create, review, and update security policies, standards, guidelines, and procedures.
Ensure policies are compliant with industry standards and regulatory requirements.
Conduct regular risk assessments and vulnerability analyses.
Develop risk mitigation strategies and ensure compliance with relevant laws and regulations (e.g., GDPR, HIPAA, PCI-DSS).
Lead the incident response team in the detection, response, and remediation of security incidents.
Develop and maintain an incident response plan, including disaster recovery and business continuity plans.
Collaborate with IT, legal, compliance, and business units to integrate security into all business processes.
Serve as the primary point of contact for all security-related matters within the organization.
Evaluate, select, and manage security vendors and service providers.
Oversee the implementation and maintenance of security technologies.
What You Will Need:
Education: Bachelor's degree in Information Security, Computer Science, or a related field.
Minimum of 5 years of experience in security management
Certifications: Preferred certifications include CISSP, CISM, CISA, CEH, GIAC, or similar
Strong knowledge of CMMC compliance
Strong knowledge of security frameworks (e.g., NIST, ISO 27001).
Strong knowledge of CIS 18
Vendor management experience
Proficient in risk assessment and management, incident response, and regulatory compliance.
Excellent leadership, communication, and interpersonal skills.
Ability to work under pressure and handle multiple priorities.