Director Security & IT Compliance

Are you looking to Optimize your life? Start your exciting path to a rewarding career today!
We are Optimum, a leader in the fast-paced world of connectivity, and we're on the hunt for enthusiastic professionals to join our team! We understand that connectivity isn't just a luxury anymore - it's a necessity that empowers lives, fuels businesses, and drives innovation. A career at Optimum means you'll be enabling progress and enhancing lives by providing reliable, high-speed connectivity solutions that keep the world connected. We owe our success to our amazing product, commitment to our people and the connections we make in every community.
If you are resourceful, collaborative, team-oriented and passionate about delivering consistent excellence, Optimum is the Company for you!
We are Optimum!
Job Summary
The Security & IT Compliance Director will oversee and manage our company SOX, PCI, NSA and FCC compliance framework and obligations with an emphasis on PCI. The candidate will have a mixture of strong security, risk and IT compliance skills with a strong background in payments security. The director will continually define the control objectives and monitor compliance efforts to ensure that the company adheres to cybersecurity controls required holistically to protect our infrastructure as well as our payment environment. The ability to evaluate and design IT and Security controls to ensure integrity of our SOX, PCI and other critical systems is key. The director will review test findings within the Internal/External Audit Team, facilitate the remediation of control gaps, and escalate possible critical issues to senior management in the company. The Director will oversee a team that analyzes data pertaining to information systems functions relative to security framework & IT compliance disciplines, such as Section 404 of the Sarbanes-Oxley (SOX) act, Payment Card Information (PCI), NSA DOJ requirements and oversight of FCC outage notification obligations. The director will design a holistic security and control framework that includes the people, processes and technologies required to maintain compliance. The goal is to maintain effective security and compliance, proactively prepare for future requirements and seek efficiencies where possible. The director will develop and lead IT security compliance programs, ensuring adherence to regulatory and industry standards and oversee audits, risk assessments, and compliance testing to identify gaps and recommend corrective actions.
Responsibilities

• Provide leadership, guidance and direction to the Security & IT Compliance team and related stakeholders
• Manage and maintain compliance with frameworks such as PCI DSS, SOX, ISO 27001, NIST, SOC 2 and FCC notification requirements.
• Develop, implement, and monitor security policies, procedures, and controls to ensure data integrity and protection.
• Collaborate with IT and security teams to ensure technical controls align with compliance requirements.
• Conduct employee training and awareness programs on IT security and compliance best practices.
• Stay updated on evolving cybersecurity threats, regulatory changes, and compliance trends.
• Serve as the primary point of contact for regulatory bodies, auditors, and external stakeholders regarding security compliance matters.
• Lead incident response planning, ensuring compliance with breach notification laws and incident reporting requirements.
• Provide strategic guidance to executive leadership on risk management and compliance initiatives.
• Define and maintain the Security & IT Compliance framework for the various IT Compliance disciplines including people, process and technologies needed to maintain compliance
• Governance, Risk and Compliance Tool Process Owner
• Design/specify/implement/monitor internal controls which help to ensure that AUSA is compliant with IT Compliance laws and regulations, internal policies and standards, and other requirements
• Evaluate IT controls and the remediation of control weaknesses, communicate to respective compliance stakeholders
• Investigate, document and report all out of compliance conditions to management
• Supervise the performance of risk assessments, self-audits and establish performance metrics against control-related policies and procedures
• Provide recommendations for meeting compliance requirements and manage any exceptions to closure
• Develop multi-faceted training/awareness programs to teach staff the importance of compliance, and the ways in which compliance is maintained with laws and regulations, internal , internal policies and standards and other requirements
• Develop and promote a culture of compliance in which staff act with clarified requirements, embrace a unified vision of their work, maintain a commitment to quality, and generate superior work results
• Secure a baseline of in-scope technologies and processes and ensure regular review of the baseline
• Maintain an up-to-date and thorough understanding of all requirements which AUSA must comply, including laws and regulations, contractual commitments, internal policies and procedures
• Define the process to ensure that new implementations adhere to the appropriate controls
• Develop and manage the annual compliance work plan where staff and any third parties/vendors generate and document all information needed in a timely manner to maintain compliance
• Provide oversight to compliance activities when interacting with third parties/vendors. Review contractual agreements, ensuring IT compliance adherence is stipulated
• Prepare/perform/approve performance evaluations and development plans; Interview/approve personnel for hire
• Maintain an ongoing relationship with the SOX Audit team to handle any escalations related to the SOX/IT GCC compliance
• Maintain an on-going relationship with business leaders. Ensure teams are in compliance with applicable IT controls
• Organizes education material for the compliance stakeholders
• Manage vendor relationships, ensures the vendors are responsive to company needs
• Negotiate with legal on all contracts, statements of work and maintenance agreements to ensure compliance
• Participate in budget planning and analysis

Qualifications

• Bachelor's or Master's degree in Information Security, IT, Cybersecurity, or a related field
• 8+ years of experience in IT security, compliance, or risk management, with at least 3 years in a leadership role
• In-depth knowledge of regulatory frameworks such as PCI DSS, SOX, ISO 27001, NIST, GDPR, CCPA, and SOC 2
• Experience leading audits and risk assessments, and working with external auditors
• Strong understanding of cybersecurity technologies, risk management, and data protection best practices
• Relevant certifications (e.g., CISSP, CISM, CISA, CRISC is required
• Significant experience with PCI controls or having the PCI ISA or QSA certification required
• Strong leadership, communication, and stakeholder management skills
• Ability to work cross-functionally and drive security compliance initiatives across the organization
• Strong analytical and problem-solving skills with a proactive approach to risk mitigation

Management Skills

• Ability to lead across functions and motivate a matrix
• Ability to lead across functions and motivate a matrix staff
• Ability to establish relationships within all levels of the Company
• Understanding of the Company's culture
• Ability to manage changing priorities
• Highly creative and flexible team player with a high level of energy and commitment
• Effective staff recruitment and development experience
• Able to confidentially manage highly sensitive company and personal

At Optimum, we're fueled by our four core pillars: Taking Ownership, Upholding Transparency, Creating Community, and Demonstrating Expertise. Our commitment to empowering employees to take responsibility and embrace proactive problem-solving underpins Taking Ownership. Upholding Transparency is at the core of our culture, with open and honest communication fostering trust among our dedicated team and loyal customers. Creating Community is more than a goal; it's our daily commitment to fostering an environment of collaboration, innovation, and positivity. Demonstrating expertise is a promise we uphold through continuous learning and engagement with our customers to consistently deliver top-quality products and services. These pillars not only shape our culture but define Optimum as a place of excellence, trustworthiness, and thriving community, and we invite you to be a part of our journey.
If you have the drive to succeed and are ready to embark on a thrilling career, seize this opportunity today, and join our winning team, so together, we'll shape the future of connectivity.
All job descriptions and required skills, qualifications and responsibilities for a particular position are subject to modification by the Company from time to time, in the Company's discretion based on business necessity.
We are an Equal Opportunity Employer committed to recruiting, hiring and promoting qualified people of all backgrounds regardless of gender, race, color, creed, national origin, religion, age, marital status, pregnancy, physical or mental disability, sexual orientation, gender identity, military or veteran status, or any other basis protected by federal, state, or local law.
The Company collects personal information about its applicants for employment that may include personal identifiers, professional or employment related information, photos, education information and/or protected classifications under federal and state law. This information is collected for employment purposes, including identification, work authorization, FCRA-compliant background screening, human resource administration and compliance with federal, state and local law.
Applicants for employment with The Company will never be asked to provide money (even if reimbursable) as part of the job application or hiring process. Please review our Fraud FAQ for further details.
This position is identified as being performed in/or reporting to company operations in New York State. Salary ranges are supplied in compliance with New York State law. Pay is competitive and based on a number of job-related factors, including skills and experience. The starting pay rate/range at time of hire for this position in the posted location is $155,509.00 - $222,156.00 / year. The rate/range provided herein is the anticipated pay at the time of hire, and does not reflect future job opportunity.
Nearest Major Market: Long Island
Nearest Secondary Market: New York CIty