Associate Vice President, Information Security, CNET Networks (San Francisco) The AVP, Information Security will design and implement a security policy and methodology for all CNET solutions, products and services. The successful candidate will champion CNET policies to internal and external sources and work with Engineering and Operations to ensure the appropriate implementation of policies. The AVP, Information Security will also prepare and deliver a monthly security risk assessment for CNET products and services. The AVP, Information Security will be responsible for the following: Overseeing development of standards for information security architecture for long-term development and planning, procedures and guidelines. Recommending a security technology roadmap and integration plan in support of CNET's business objectives. Leading the formulation and execution of infrastructure security designs, providing guidance for business initiatives involving cutting edge application of security technologies. Leading information security design efforts and translates specific business requirements into risk-based, cost- effective solutions. Assist in building Security business case. Ensure CNET solutions, products and services are developed and delivered with enterprise-grade security in mind and that security best practices are followed. Working with Operations and Engineering to implement and maintain the security model and methodologies for CNET. Managing personnel and contractors to implement IT security solutions as needed. Evaluating and determining best practices to optimize development of security solutions for e-business environments, with an emphasis on customer requirements, including confidentiality, integrity, and recoverability. Providing top-level technical-expert guidance to IT Management, Executive Management and IT associates. Staying current with security trends and solutions and recommending technologies for implementation, upgrades, repairs, modifications, or replacement. Coordinating security architecture with disaster recovery and business continuation planning. Representing CNET interests as a security expert to the external world. Representing CNET security model and methodologies to internal employees. Assessing IT security threats and business risks. Stay current of potential security threats, work to develop counter measures and keep appropriate CNET departments and managers assessed of the risks. Representing CNET in all applicable, security related standards bodies/initiatives. Qualifications: The AVP, Information Security must have demonstrable experience in the design, engineering and implementation of security solutions in large, complex network environments, intranets, extranets, virtual private networks, and the Internet. The successful candidate will also have: Extensive knowledge and experience with unix, networking and Internet technologies. Excellent knowledge of the IT security products, technologies and architectures. A good understanding of software development technologies and practices, networking, distributed systems, applications, databases, and security processes. In-depth knowledge of the design and implementation for several of the following security systems, tools and methodologies: Public Key Infrastructures, intrusion detection systems, incident response teams, security forensics, rule-base access control systems, encryption, smart cards, penetration testing, vulnerability assessments, and virtual private networks. Impeccable oral and written communication skills. 5+ years in the security arena. Experience with Solaris and Linux required. Experience with NT a plus. CISSP, GSE, and/or CISA certification is preferred Education: BS in Engineering, MS Preferred. email your resume to [EMAIL PROTECTED]
