Provides leadership and guidance in developing, coordinating, and implementing security strategies and solutions for the AARP enterprise infrastructure. Safeguards the confidentiality, availability, and integrity of AARP's information assets and technology ecosystem. Collaborates with colleagues in ITS and other key stakeholders across the enterprise to execute on projects and initiatives in the Information Security roadmap. Manages AARP’s security architecture and security tools, security and risk advisory consulting for the business, support for regulatory requirements and IT-related audits, and coordination of investigations and audit of information security breaches.
- Develops information security standards, policies, and protocol to ensure that information assets are protected from unauthorized and inappropriate use or access.
- Directs team members in the evaluation, selection, installation, and configuration of security solutions.
- Provides guidance and oversight for the execution of Information Security initiatives, specifically outlining technical and strategic solutions to ensure roadmap elements are executed.
- Identifies, understands, and assesses security risk factors in the protection of information assets and identifies plan of action to mitigate and address these risks, as appropriate.
- Develops and oversees execution of third-party security program and policies to ensure eligibility to receive and manage organizational information assets.
- Coordinates with operational groups and business units to identify and implement measures to prevent or detect security incidents or breaches.
- Performs incident response and investigation activities, as needed or requested over security incidents and/or security breaches.
- Manages and monitors compliance with information security policies and procedures.
- Works in partnership with ITS senior leaders on initiatives related to security to continuously improve Information Security processes and delivery by anticipating issues, providing advice, and sharing knowledge and best practices.
- Develops relationships with ITS leaders and business partners to align with AARP objectives.
As a people manager, this position is expected to develop and exhibit our AARP Values and Behaviors and competencies, as well as fully participate in all management training initiatives. This position has the responsibility for direct management of AARP employees which entails, but is not limited to:
- conducting regular one-on-one meetings to assign, manage and review individual work;
- organizing team meetings to communicate critical departmental and organizational information;
- facilitating the annual performance management cycle including performance and development assessments and conversations;
- directing ongoing recognition and compensation, as well as annual merit and incentive planning decisions
- enforcing compliance with all enterprise policies and guidelines, including timesheet review and approval;
- partnering in the recruiting process;
- managing enterprise assets and budgets; and
- Addressing employee relations and performance issues, with timely engagement of HR Business Partner.
- or an equivalent combination of training and experience related to the duties of the position. Certification in Information Security (CISSP or CISM) practices and policies preferred.
- Demonstrates leadership expertise to execute on strategic direction, as well as significant depth of technical expertise in information security solutions.
- Leadership experience managing direct reports.
- In-depth experience and knowledge of enterprise and technologies, including but not limited to VPNs, network security, encryption, authentication, application-level network protocols, PKI, IPSec, Firewall, SSH, SSL, DES, LAN/WAN, and TCP/IP.
- In-depth knowledge of information security regulations applicable to organizations, i.e. HIPPA, PCI DSS, and various State Privacy Laws.
AARP offers competitive benefits with a 401K, 100% company funded pension plan, health, dental, vision and life insurance, STD/LTD, paid vacation and sick, and other benefits.
AARP is an equal opportunity employer committed to hiring a diverse workforce and sustaining an inclusive culture. AARP does not discriminate on the basis of race, ethnicity, religion, sex, color, national origin, age, sexual orientation, gender identity or expression, mental or physical disability, genetic information, veteran status, or on any other basis prohibited by applicable law.