Director, Information Security

Reporting to the Vice President of Infrastructure, the Director of Information Security is responsible for Axiom’s enterprise-wide Information security program development and ongoing operations. Primary duties fall in the areas of strategy and policy development, IT risk assessment, threat prevention, establishing, planning, and administering policies, goals, procedures, initiating and implementing disaster discovery programs, compliance monitoring, and incident management. The Director, Information Security is a key liaison with business stakeholders and a critical member of a strong, interdisciplinary technology team. Specific responsibilities and accountabilities include:

• Partner with Axiom’s corporate & delivery functions to ensure the enterprise information security program simultaneously enables Axiom’s business goals and strategies, while maintaining the highest level of security for corporate and client digital assets.
• Develop and disseminate security policies, standards, guidelines, and procedures needed to ensure achievement of information security & compliance objectives.
• Develop and implement enterprise risk assessment, security management, and incident response processes and procedures.
• Be involved in security investigations and recommended courses of action
• Develop strategies to handle security incidents
• Partner with Axiom’s corporate & delivery functions in identifying compliance standards to be achieved and driving the tools, configurations, audits, assurance mechanisms, and training needed to achieve
• Partner with Axiom’s corporate & delivery functions in compliance efforts, annual audits (internal & external), and reporting.
• Prepare Axiom for future certifications (e.g., ISO27001)
• Implement systems and processes for preventing, detecting, identifying, analyzing, and responding to information security incidents.
• Review vendors, hardware, software, and services being considered for acquisition or implementation to assess and mitigate security risks.
• Lead and coordinate responses to customer risk assessments, pre-sales audits, and annual reviews/audits.
• Ensure performance of contractually agreed information security controls established with outsourced providers, business partners, customers, and 3rd-parties.
• Develop, maintain, and test the efficacy of Axiom’s disaster recovery & business continuity plans.
• Inspire a collaborative, accountable, & pro-active security culture across all of Axiom.
• Provide leadership, training, and guidance to staff members.
• Prepare technical reports for executive management.
• Connect organizational requirements with security goals.

Successful candidates possess the following skills, background, and experience:

• CISA, CISSP, or CISM certification(s).
• An ability to scale your impact by building a team around yourself and partnering with
• A deep knowledge of regulatory / compliance (e.g., GDPR, EU-US Privacy Shield, etc.)
• Experience driving compliance and passing external audits for common information security management frameworks such as ISO27001 or COBIT.
• Experience implementing, managing, and prioritizing response to vulnerability scans, penetration testing exercises, IDS/IPS, DLP, firewalls, NAC, etc.
• Demonstrated ability to lead an information security management program, drive information security initiatives, and build organizational consensus/commitment.
• A Bachelor’s degree from four-year college or university with a minimum of ten years of related post- graduate work experience
• A successful track record in developing and managing relationships towards the creation of strong
• Decisiveness, good judgement, strong organization skills, project management skills, strong technical knowledge, excellent oral and written communication skills, and strong interpersonal communication
• Ability to quickly master technical as well as functional complexities & nuances of diverse applications & technologies
• Ability to travel 10-20% of the time both domestically and

Accommodation for Individuals with Disabilities: Upon request and consistent with applicable laws, Axiom will attempt to provide reasonable accommodations for individuals with disabilities who require an accommodation to participate in the application process. To request an accommodation to complete the application form, please contact us at benefits@axiomlaw.com and include “Applicant Accommodation” in the subject line.