Super Micro Computer
Sr. Director, IT Governance
Super Micro Computer, San Jose, California, United States, 95199
Date: Dec 5, 2024
Location: San Jose, California, United States
Company: Super Micro Computer
Job Req ID: 25157
About Supermicro:
Supermicro is a Top Tier provider of advanced server, storage, and networking solutions for Data Center, Cloud Computing, Enterprise IT, Hadoop/Big Data, Hyperscale, HPC and IoT/Embedded customers worldwide. We are the #5 fastest growing company among the Silicon Valley Top 50 technology firms. Our unprecedented global expansion has provided us with the opportunity to offer a large number of new positions to the technology community. We seek talented, passionate, and committed engineers, technologists, and business leaders to join us.
Job Summary:
Supermicro Computer, Inc. is looking for a Director of Information Security focusing on security compliance areas such as ISO 27001, SOX, NIST SP800-53, Digital Asset Access and Privilege Management (DAAPM) in our headquarters located in San Jose, CA. We are seeking a highly motivated individual with a broad range of technical skills and expertise in IT security compliance, governance, and auditing. The Director of Information Security is responsible for global IT security compliance, information security control, external audits including SOX and ISO27001, and defining the audit/compliance strategy for the global team.
Essential Duties and Responsibilities:
Develop and support information security governance policies, standards, and processes in collaboration with business and technical teams, and align them with business goals.
Evaluate the effectiveness of information security controls and recommend remediation or control redesign guidance where necessary.
Update and drive adoption of an information security risk assessment framework and related processes; maintain Information Security risk registers and perform annual assessments.
Develop an IT audit strategy in alignment with business objectives, based on a thorough understanding of our business and risk exposures.
Perform effective security risk assessments, define security risk-based audit programs and manage/lead operational audits to evaluate controls and compliance.
Deliver high quality, efficient, and timely audit work in accordance with the Internal Audit.
Add value to the business through great communication and alignment with IT senior management.
Drive the creation of actions to remediate deficiencies and risk mitigation plans with stakeholders.
Liaise and work closely with internal and external parties to manage expectations about reliant IT SOX and ISO27001 test activities.
Drive department transformation programs which may include implementing risk-based auditing approaches, streamlining processes and documentation, implementing data analytics and continuous audit, improving indicators and performance metrics, audit training and team development, enhancing stakeholder and Audit Committee reporting and department budgeting processes.
Qualifications:
Master's Degree in Information Systems or Cybersecurity.
15 years of experience in a combination of security information technology and IT security risk management.
15 years of leadership experience in information security policy, governance, and compliance.
Strong understanding of industry standards and regulations including: NIST, SOX, PCI, FedRAMP, ISO27001, DAAPM and others.
Preferred Certified Information System Auditor (CISA).
Salary Range:
$206,000 - $230,000
The salary offered will depend on several factors, including your location, level, education, training, specific skills, years of experience, and comparison to other employees already in this role. In addition to a comprehensive benefits package, candidates may be eligible for other forms of compensation, such as participation in bonus and equity award programs.
EEO Statement:
Supermicro is an Equal Opportunity Employer and embraces diversity in our employee population. It is the policy of Supermicro to provide equal opportunity to all qualified applicants and employees without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, protected veteran status or special disabled veteran, marital status, pregnancy, genetic information, or any other legally protected status.