Director, IT Governance
Date: Nov 6, 2024
Location: San Jose, California, United States
Company: Super Micro Computer
Job Req ID: 25157
About Supermicro:
Supermicro® is a Top Tier provider of advanced server, storage, and networking solutions for Data Center, Cloud Computing, Enterprise IT, Hadoop/Big Data, Hyperscale, HPC and IoT/Embedded customers worldwide. We are the #5 fastest growing company among the Silicon Valley Top 50 technology firms. Our unprecedented global expansion has provided us with the opportunity to offer a large number of new positions to the technology community. We seek talented, passionate, and committed engineers, technologists, and business leaders to join us.
Job Summary:
Supermicro Computer, Inc. is looking for a Director Information Security to focus on security compliance areas such as ISO 27001, SOX, NIST SP800-53, and Digital Asset Access and Privilege Management (DAAPM) at our headquarters in San Jose, CA. We are seeking a highly motivated individual with a broad range of technical skills and expertise in IT security compliance, governance, and auditing. The Director Information Security is responsible for global IT security compliance, information security control, external audits, which include SOX and ISO27001, and defining the audit/compliance strategy for the global team.
Essential Duties and Responsibilities:
- Develop and support information security governance policies, standards, and processes in collaboration with business and technical teams, and align them with business goals.
- Evaluate effectiveness of information security controls and recommend remediation or control re-design guidance where necessary.
- Update and drive adoption of an information security risk assessment framework and related processes; maintain Information Security risk registers and perform an annual assessment.
- Develop an IT audit strategy in alignment with business objectives, based on a thorough understanding of our business and risk exposures.
- Perform effective security risk assessments, define security risk-based audit programs and manage/lead operational audits to evaluate controls and compliance
- Deliver high quality, efficient and timely audit work in accordance with the Internal Audit
- Add value to the business through great communication and alignment with IT senior management
- Drive the creation of actions to remediate deficiencies, and of risk mitigation plans, with stakeholders.
- Liaise and work closely with internal and external to manage expectations about reliant IT SOX and ISO27001 test activities
- Drive department transformation programs which may include implementing risk based auditing approaches, streamlining processes and documentation, implementing data analytics and continuous audit, improving indicators and performance metrics, audit training and team development, enhancing stakeholder and Audit Committee reporting and department budgeting processes.
Qualifications:
- Master's Degree in Information System or Cybersecurity
- 15 years’ experience in a combination of security information technology and IT security risk management
- 15 years’ leadership experience in information security policy, governance, and compliance
- Strong understanding of industry standards and regulations including: NIST, SOX, PCI, FedRAMP, ISO27001, DAAPM and others.
- Certified Information Systems Auditor (CISA) preferred
Salary Range
$206,000 - $230,000
The salary offered will depend on several factors, including your location, level, education, training, specific skills, years of experience, and comparison to other employees already in this role. In addition to a comprehensive benefits package, candidates may be eligible for other forms of compensation, such as participation in bonus and equity award programs.
EEO Statement
Supermicro is an Equal Opportunity Employer and embraces diversity in our employee population. It is the policy of Supermicro to provide equal opportunity to all qualified applicants and employees without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, protected veteran status or special disabled veteran, marital status, pregnancy, genetic information, or any other legally protected status.
Job Segment:
Cloud, Information Security, Manager, Data Center, Technology, Management