Willis Towers Watson
Information Security Associate Director
Posted on Apr 4 Arlington, VA 447 views
The Information Security Director will oversee and support Business Security team for HWT applications, ensuring the effectiveness of security functions across legacy teams. This role involves managing SOC2, AAF, and internal security audits, unifying security processes, leading security meetings, creating security standards, and participating in client security calls. The Information Security Director will also work closely with ICS and serve as the key contact for all HWT InfoSec matters, including compliance with DORA, NYDFS, GDPR, and other regulations.
• Provide oversight and support for Business Security team, ensuring the security of HWT applications.
• Manage and support the SOC2 compliance process, ensuring all requirements are met.
• Oversee and support the AAF audit process, coordinating with relevant teams to ensure successful outcomes.
• Conduct and support internal security audits, identifying and addressing potential vulnerabilities.
• Ensure the effectiveness of security functions across all HWT legacy teams, including managing security vulnerabilities, Azure Security, Wiz, Azure Defender, RiskRecon, and other security tools.
• Unify and streamline HWT legacy security processes to ensure consistency and efficiency.
• Lead regular HWT security meetings, fostering collaboration and communication among team members.
• Develop and implement HWT security standards, ensuring they are up-to-date and effective.
• Participate in client security calls, providing support and expertise for HWT applications.
• Collaborate with the ICS team to ensure alignment on security initiatives and strategies.
• Serve as the primary contact for all HWT information security matters, addressing concerns and providing guidance.
• Act as the key contact for HWT compliance with regulatory requirements such as DORA, NYDFS, GDPR, and others, ensuring all standards are met.
• Bachelor’s degree in information security, Computer Science, or a related field is required.
• Candidates must have a minimum of 10 years of experience in information security, with at least 5 years in a leadership role.
• Strong knowledge and hands-on experience with SOC2 compliance processes are essential.
• Proven experience in managing AAF audits and conducting internal security audits is necessary.
• Expertise in Azure Security, Wiz, Azure Defender, RiskRecon, and other security functions is required.
• Excellent leadership skills, with the ability to motivate and guide a team effectively.
• Strong communication skills, both written and verbal, are crucial for this role.
• Ability to work collaboratively with cross-functional teams and stakeholders.
• A deep understanding of regulatory requirements, including DORA, NYDFS, GDPR, and others, is essential.
• Effective communication and interpersonal skills
• Strong organizational and project management abilities
• Proficiency in security tools and technologies
• Ability to lead and motivate a team
Base salary range and benefits information for this position are being included in accordance with requirements of various state/local pay transparency legislation. Please note that salaries may vary for different individuals in the same role based on several factors, including but not limited to location of the role, individual competencies, education/professional certifications, qualifications/experience, performance in the role.
The base salary compensation range being offered for this role is $120,000 to $130,000 USD per year.
The role is also eligible for an annual short-term incentive bonus.
WTW provides a competitive benefit package which includes the following (eligibility requirements apply):
Employment-based non-immigrant visa sponsorship and/or assistance is not offered for this specific job opportunity
Responsibilities
• Provide oversight and support for Business Security team, ensuring the security of HWT applications.
• Manage and support the SOC2 compliance process, ensuring all requirements are met.
• Oversee and support the AAF audit process, coordinating with relevant teams to ensure successful outcomes.
• Conduct and support internal security audits, identifying and addressing potential vulnerabilities.
• Ensure the effectiveness of security functions across all HWT legacy teams, including managing security vulnerabilities, Azure Security, Wiz, Azure Defender, RiskRecon, and other security tools.
• Unify and streamline HWT legacy security processes to ensure consistency and efficiency.
• Lead regular HWT security meetings, fostering collaboration and communication among team members.
• Develop and implement HWT security standards, ensuring they are up-to-date and effective.
• Participate in client security calls, providing support and expertise for HWT applications.
• Collaborate with the ICS team to ensure alignment on security initiatives and strategies.
• Serve as the primary contact for all HWT information security matters, addressing concerns and providing guidance.
• Act as the key contact for HWT compliance with regulatory requirements such as DORA, NYDFS, GDPR, and others, ensuring all standards are met.
• Bachelor’s degree in information security, Computer Science, or a related field is required.
• Candidates must have a minimum of 10 years of experience in information security, with at least 5 years in a leadership role.
• Strong knowledge and hands-on experience with SOC2 compliance processes are essential.
• Proven experience in managing AAF audits and conducting internal security audits is necessary.
• Expertise in Azure Security, Wiz, Azure Defender, RiskRecon, and other security functions is required.
• Excellent leadership skills, with the ability to motivate and guide a team effectively.
• Strong communication skills, both written and verbal, are crucial for this role.
• Ability to work collaboratively with cross-functional teams and stakeholders.
• A deep understanding of regulatory requirements, including DORA, NYDFS, GDPR, and others, is essential.
Skills
• Strategic thinking and problem-solving• Effective communication and interpersonal skills
• Strong organizational and project management abilities
• Proficiency in security tools and technologies
• Ability to lead and motivate a team
Compensation and Benefits
Base salary range and benefits information for this position are being included in accordance with requirements of various state/local pay transparency legislation. Please note that salaries may vary for different individuals in the same role based on several factors, including but not limited to location of the role, individual competencies, education/professional certifications, qualifications/experience, performance in the role.
Compensation
The base salary compensation range being offered for this role is $120,000 to $130,000 USD per year.
The role is also eligible for an annual short-term incentive bonus.
Company Benefits
WTW provides a competitive benefit package which includes the following (eligibility requirements apply):
Health and Welfare Benefits:
Medical (including prescription coverage), Dental, Vision, Health Savings Account, Commuter Account, Health Care and Dependent Care Flexible Spending Accounts, Group Accident, Group Critical Illness, Life Insurance, AD&D, Group Legal, Identify Theft Protection, Wellbeing Program and Work/Life Resources (including Employee Assistance Program)Leave Benefits:
Paid Holidays, Annual Paid Time Off (includes paid state/local paid leave where required), Short-Term Disability, Long-Term Disability, Other Leaves (e.g., Bereavement, FMLA, ADA, Jury Duty, Military Leave, and Parental and Adoption Leave),Paid Time Off
Retirement Benefits:
Contributory Pension Plan and Savings Plan (401k). Certain senior level roles may also be eligible for non-qualified Deferred Compensation and Deferred Savings Plans.
