Sr Director, IT Risk Mgt

Sr Director, IT Risk Mgt

Responsibilities
Job Summary:

The Sr. Director of IT Risk Management is responsible for global information technology risk and compliance for DTG. This position will lead all aspects of Information Technology Services strategy and execution relating to IT Security, Risk Management and Compliance while leading a team of professionals covering all aspects of threat & risk identification, mitigation planning strategy, policy definition and compliance programs.

The Sr. Director is accountable for ensuring the security, privacy, and proper safekeeping of DTG corporate data, for the creation of appropriate policies and for ensuring adequate control provisions are in place. The Sr. Director is also accountable for measuring IT compliance status, specifying corrective actions and providing management with compliance assurance through regular reporting on status and corrective actions. The Sr. Director ensures that the company's technical infrastructure and information processing is in compliance with state and federal laws, regulations, company policies, licensing and contractual obligations. This position has direct authority for compliance and remediation prioritization within the IT department.


Responsibilities/Essential Functions:

-Develop, implement, and oversee industry-standard best practices for all IT assets controls, maintain awareness of new threats and changing regulations and standards, and establish and enforce policies related to the creation, modification, and deletion of user privileges.
-Develop and implement policies to ensure that risk identification strategies and control provisions are in place; oversee periodic vulnerability assessments and provide oversight to maintain the integrity of business critical systems.
-Work with internal and external auditors to ensure compliance with the Sarbanes Oxley Act, the PCI Security Standards Council, SAS70 reporting and other applicable regulations; oversee related activities between ITTS, user departments, outsourcer and Internal Control and ensure audit frameworks are applied to all documentation and remediation efforts.
-Maintain information technology security architecture including oversight of technical/automated (e.g., access control, authentication, encryption, deterrence measure, etc) and non-technical security controls.
-Evaluate, develop, and maintain data Information security controls, conduct and document the results of security access audits and monitor gap resolution including End Point/Server Patch Management, virus/vulnerability scans internal and external penetration testing, firewall scans and computer Incident Response.
-Work with users, infrastructure and application teams, service delivery partners, and business clients to implement security solutions for operating systems, applications and security hardware.
-Develop, implement and communicate security strategies policies, controls, standards, guidelines and plans to executive team, staff, partners, customers, and stakeholders.
-Design, perform and document security access audits independently and in conjunction with internal and external auditors.
-Serve as the policy and development leader in the development, maintenance, and testing of enterprise wide Business Continuity planning and for IT Disaster Recovery planning.
-Initiate actions to create security awareness throughout the organization and design, develop and maintain security awareness and developer training programs.
-Select, assign, train and evaluate subordinate personnel and recommend or initiate personnel actions.
Qualifications
Required Skills:

-Broad knowledge of information security principals, disaster recovery plan development practices and procedures.
-Knowledge of auditing tools and techniques, technical infrastructure including computer systems, networks, databases and operating systems; and business application systems development, acquisition, implementation and maintenance practices.
-Strong interpersonal skills with the ability to deal effectively with people at all organizational levels and external vendors.
-Broad knowledge of ITTS data security, including technology systems, infrastructure and related security exposures.
-Excellent oral and written communication skills.
-Demonstrated organizational, time, and project management skills.
-Ability to effectively manage subordinate personnel.
-Advanced skill and proficiency in the use of personal computer software programs including spreadsheet, database, and word processing applications.
-Demonstrated experience in executing a compliance program or internal audit approach.
-Demonstrated experience in executing a practical risk management framework.

Preferred Skills:

-Breadth of IT and IT Management experience and broad consulting skills.
-Management Consulting and/or Experience with Risk Management and/or Contingency Planning
-Governance process knowledge

Required Education/Experience:

-4 Year / Bachelors Degree
-Business, Accounting, Computer Science or a related discipline.
-Direct applicable experience may be substituted for a degree at a rate of two years experience for each one year of education.
-At Least 8 Years with progressive Information Systems experience.

Preferred Certifications:

Certified Information Systems Auditor (CISA) certification. Certified Information Systems Professional (CISSP) certification, Certified Information Systems Manager (CISM), Certified Business Continuity Professional (CBCP), Project Management Professional (PMP) certified, Expose and use of Cobit, ITIL, Agile/Lean, CMMI, Six Sigma, and ISO17799 management frameworks.
DTAG Marketing Statement
Dollar Thrifty Automotive Group, Inc., a Fortune 1000 company and leader in the rental car industry, has its corporate headquarters in Tulsa, OK. We respect and value our employees, and recognize that they are the key to our success. We strive to provide a positive work environment and recognize and celebrate our achievements.
Benefits
Dollar Thrifty Automotive Group, Inc. Employee Benefit Plan provides a very comprehensive and industry-competitive health care benefit package to employees including medical, dental, vision, basic life insurance, accidental death and dismemberment insurance, supplemental life insurance, as well as short term and long term disability insurance.

The Plan also provides for a Health Flexible Spending Account and a Dependent Flexible Spending Account. In addition to the benefits described above, Dollar Thrifty also offers a 401(k) Retirement Savings Program that includes an employer match.

The Dollar Thrifty Employee Benefit Plan allows you the flexibility to elect benefits that best fit your individual and family needs.
Equal Employment Opportunity
Dollar Thrifty Automotive Group, Inc. is an equal opportunity employer and will not discriminate on the basis of race, color, religious creed, national origin, ancestry, age, gender, disability, medical condition or marital status or other protected status.
Closing Statement
Thank you for your interest in Dollar Thrifty Automotive Group, Inc. We appreciate your visit to our Career Site. If you have interest and would like to be considered for any of our career opportunities, please apply on-line.