• A minimum of ten years of IT experience, with five years in an information security role and at least two years in a supervisory capacity.
• A bachelor's degree in information systems or equivalent work experience; an or M.S. in information security is preferred.
• Certified Information Systems Security Professional (CISSP, ISC or CISM).
• Strong leadership skills and the ability to work effectively with business managers, IT engineering and IT operations staff.
• A strong understanding of the business impact of security tools, technologies and policies.
• Excellent verbal, written and interpersonal communication skills, including the ability to communicate effectively with the IT organization, project and application development teams, management and business personnel; in-depth knowledge and understanding of information risk concepts and principles as a means of relating business needs to security controls; an excellent understanding of information security concepts, protocols, industry best practices and strategies.