At Jam City, we are committed to maintaining the highest standards of information security and privacy to protect our people, infrastructure, applications, source code, and sensitive data. Our Information Security and Privacy Program is designed to reduce cyber risks and optimize security controls in alignment with our business objectives. As we continue to grow, we are seeking a dynamic and experienced Director of Information Security and Privacy to lead our efforts in safeguarding our assets and ensuring compliance with industry standards and best practices.
The Director of Information Security and Privacy will play a crucial role in overseeing all aspects of information security and privacy within Jam City. This person will be responsible for developing, implementing, and maintaining robust security policies, procedures, and controls to protect our assets from unauthorized access, data breaches, and other cyber threats. The Director will work closely with cross-functional teams to assess risks, identify control gaps, and implement effective security measures in line with our strategic objectives.
REQUIREMENTS
- Develop and maintain a comprehensive Information Security and Privacy Program aligned with the mission and objectives of Jam City.
- Assess cyber risks and vulnerabilities across our business environments, applications, infrastructure, and data assets.
- Implement and oversee data protection measures, including encryption, access controls, and data masking, to safeguard sensitive information.
- Define and enforce security policies, standards, baselines, guidelines, and procedures to ensure compliance with regulatory requirements and industry standards (e.g., NIST 800-53, SOC 2, SOX, COPPA, GDPR, CCPA/CPRA).
- Collaborate with internal stakeholders and external partners to identify and implement security solutions, including those provided by Managed Security Service Providers (MSSPs).
- Monitor security alerts and incidents, triage and respond to security breaches, and lead incident response efforts as necessary.
- Conduct regular security assessments, audits, and compliance reviews to evaluate the effectiveness of security controls and identify areas for improvement.
- Provide leadership and guidance to all teams across the company, on security and privacy best practices and compliance requirements.
- Partner with Legal, IT, Procurement, Finance, Facilities, and other departments to address security and privacy concerns in contractual agreements, budget planning, physical security, and incident response.
- Serve as the primary point of contact for security-related inquiries, audits, and communications with regulatory authorities, law enforcement, media, and other external stakeholders.
- Serve as the primary point of contact for data privacy inquiries, incidents, and breaches, and coordinate the appropriate response and remediation efforts.
- Stay abreast of emerging threats, vulnerabilities, and regulatory changes in the cybersecurity landscape, and proactively adapt security strategies and controls as needed.
QUALIFICATIONS
- Bachelor's degree in Information Security, Computer Science, or a related field; advanced degree and relevant certifications (e.g., CISSP, CIPP) preferred.
- 5+ years of progressive experience in information security, with a proven track record of leading security programs in complex environments.
- Strong knowledge of cybersecurity frameworks, standards, and regulations, such as NIST, SOC 2, GDPR, CCPA, SOX and others mentioned in the company's strategy.
- Experience with managing and coordinating security assessments, audits, and compliance activities.
- Excellent leadership, communication, and interpersonal skills, with the ability to collaborate effectively with diverse teams and stakeholders.
- Demonstrated ability to think strategically, analyze risks, and develop pragmatic security solutions aligned with business objectives.
- Proficiency in incident response, crisis management, and communication with internal and external stakeholders during security incidents.
In compliance with local law, we are disclosing the compensation for this role. The range listed is just one component of Jam City's total compensation package for employees, which may also include annual bonuses, short- and long-term incentives, and program-specific awards. The disclosed range estimate has not been adjusted for the applicable geographic differential associated with the location at which the position may be filled. Starting pay for the successful applicant will depend on a variety of job-related factors, which may include education, training, experience, certifications, location, business needs, or market demands. This range is based on a full-time position. This range may be modified in the future. In addition, Jam City provides a variety of benefits to employees, including but not limited to medical, dental, vision, parental leave, paid time off, a 401(k) plan, life, disability, and accident insurance. Pay Range: $184,000 — $231,000 salary per year.
