Director of Information Security

Company Description

Daxko powers health & wellness throughout the world. Every day our team members focus their passion and expertise in helping health & wellness facilities operate efficiently and engage their members.

Whether a neighborhood yoga studio, a national franchise with locations in every city, a YMCA or JCC--and every type of organization in between--we build solutions that make every aspect of running and being a member of a health and wellness organization easier and delightful. 

Job Description

As the Director of Information Security at Daxko, you will oversee and ensure the integrity, confidentiality, and availability of all data and information systems. This role requires strategic leadership, exceptional analytical skills, and a deep understanding of cybersecurity threats and countermeasures. You will lead the information security team in protecting our company’s digital assets, ensuring compliance with security regulations and standards, and ensuring the team has the aptitude to not only address today’s needs but also the needs of tomorrow.

As a leader, you will: 

• Recruit, interview, hire, and train new staff. 
• Oversee the daily workflow of the department. 
• Provide constructive and timely performance evaluations.
• Handle discipline and termination of team members in accordance with company policy. 
• Oversee departmental budgets and manage expenses related to information security for Daxko. 

You will also: 

• Develop and implement comprehensive information security strategies and policies that align with business objectives. 
• Lead the information security team to protect our production environments, software products, internal IT infrastructure, and field operations against potential threats. 
• Coordinate with technical operations and software development departments to ensure security is integrated throughout our software development life cycle. 
• Oversee the management of security incidents and events to protect corporate IT assets, including intellectual property, regulated data, and the company's reputation. 
• Conduct risk assessments, security audits, and coordinate remediation plans with a focus on both current and potential future threats. 
• Collaborate with other departments to establish and maintain a consistent security posture across all platforms and systems. 
• Manage the development and implementation of IT security education and awareness programs. 
• Stay current with the latest security threats, technologies, and trends that may impact information security. 
• Serve as the primary point of contact for external auditors and agencies on all information security matters. 
• Advise senior management on security direction and resource investments. 

Qualifications

• BS in Computer Science, Information Security or a related field.
• Minimum of 8 years of experience in a combination of risk management, information security and technical operations jobs. 
• Minimum of 10 years of experience in a combination of software engineering and architectural jobs. 
• At least 5 years in a senior leadership role 
• Experience with incident response management and information security frameworks (ISO 27001, NIST, etc.), with additional knowledge of quantum-safe protocols. 
• Strong understanding of the cybersecurity landscape, including emerging threats and effective countermeasures. 
• Proven work experience as a System Security Engineer or Information Security Engineer 
• Experience in building and maintaining security systems 
• Hands on experience in firewalls, intrusion detection systems, anti-virus software, authentication systems, log management, content filtering, etc. 
• Experience with network security and networking technologies
• Strong background with system, security, and network monitoring tools 
• Familiarity with various compliance such as PCI-DSS, SOC 1, SOC 2, GDPR among others. 
• Exposure to the payment card or financial industries. 
• Strong background in software architecture and software engineering.
• Technical knowledge of database and operating system security 

Preferred Education and Experience:

• Master’s degree preferred. 
• Hands-on experience addressing application security issues with industry best practices. 
• CISSP: Certified Information Systems Security Professional 
• CISM: Certified Information Security Manager 
• CEH: Certified Ethical Hacker 
• CompTIA Security+ 
• DSOE: DevSecOps Engineering 

Additional Information

Daxko is dedicated to pursuing and hiring a diverse workforce. We are committed to diversity in the broadest sense, including thought and perspective, age, ability, nationality, ethnicity, orientation, and gender. The skills, perspectives, ideas, and experiences of all of our team members contribute to the vitality and success of our purpose and values.

We truly care for our team members, and this is reflected through our offices, and benefits, and great perks. These perks are only for our full-time team members. Some of our favorites include:

🏝 Flexible paid time off 
⚕️ Affordable health, dental, and vision insurance options
💪 Monthly fitness reimbursement
🤑 401(k) matching
🍼 New-Parent Paid Leave
🏖 1-month paid sabbatical every 5 years
👖 Casual work environments
🏡 Remote work

All your information will be kept confidential according to EEO guidelines.

#LI-Remote