GES - Global Experience Specialists
Director of IT Security
GES - Global Experience Specialists, Nevada, Iowa, United States, 50201
Overview
Director of IT Security
role at
GES - Global Experience Specialists
is a remote opportunity in the United States. GES is a global exhibition services company with a legacy spanning over 90 years and teams throughout North America, Europe, and the Middle East. We create influential exhibitions worldwide, delivering strategy, audiovisuals, accommodations, and creative designs to propel commerce, education, and community.
Our mission is to deliver extraordinary exhibition experiences through simple, user-friendly services and best-in-class execution. Members of the Global IT Team affect real changes across the GES global network and have a direct, positive impact on the overall user experience. The IT Team supports the broader business divisions across the GES Collective family of companies, including GES, Spiro, and onPeak, across all operating geographies worldwide.
GES is seeking an experienced and technically skilled IT Director of Security who will shape and drive the organization’s security strategy, risk posture, and governance framework. This leadership, hands-on role ensures the confidentiality, integrity, and availability of enterprise systems, data and infrastructure. Working cross-functionally with IT, risk, compliance, and other business teams, the Director aligns security initiatives with strategic business priorities, regulatory standards, and emerging threat landscapes. The Director will also lead the organization’s PCI compliance program. The Director will report to the VP for Global Infrastructure and is a remote opportunity in the US, with a preference to be filled in Las Vegas, NV.
Responsibilities
Security Strategy Development: Design, implement, and manage a comprehensive security strategy that aligns with organizational goals and industry best practices.
Strategic Leadership: Define and lead the execution of the cybersecurity roadmap in alignment with corporate goals and compliance requirements. Act as a trusted advisor to executive leadership on cybersecurity risks, investments, and emerging threats.
Technical Leadership: Act as a hands-on leader, addressing complex technical challenges, managing security incidents, and guiding the team through advanced security implementations.
Security Operations: Manage day-to-day security operations, including threat detection, incident response, and vulnerability management.
Governance & Policy: Develop and enforce cybersecurity policies, standards, and procedures. Foster a culture of security awareness through targeted training and engagement initiatives.
PCI Compliance Expertise: Ensure the organization adheres to PCI DSS requirements, including conducting assessments, managing validation efforts, and overseeing secure payment systems.
Risk & Compliance Management: Implement and maintain a cybersecurity risk management framework, ensure adherence to industry and regulatory standards such as HIPAA and GDPR.
Team Collaboration: Work closely with IT and operations teams amongst the several companies within the GES Collective to integrate security practices, ensuring seamless functionality and protection.
Technology and Architecture: Work with the Security Architect to evaluate, implement and manage security technologies such as SIEM, IAM, DLP and MDR solutions. Guide the secure design of IT infrastructure and ensure robust cloud security practices across on-premises, Azure and other platforms.
Incident Response: Lead the organization’s incident response efforts, performing root cause analysis and driving improvements to prevent future occurrences.
Qualifications
Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related field, or equivalent experience.
A minimum of 10 years of experience in cybersecurity roles, with at least 5 years in a leadership position.
Extensive knowledge and hands-on experience with PCI DSS compliance.
Deep understanding of security frameworks such as NIST, GDPR, and CIS Controls.
Strong technical background in network security, endpoint protection, vulnerability management, and secure cloud implementations.
Demonstrated expertise in leading enterprise-scale cybersecurity programs and operations.
Experience with security tools such as SIEMs, firewalls, IDS/IPS, and endpoint detection platforms.
Technical Proficiency: Ability to solve complex security issues, configure tools, and optimize security protocols.
Thought Leadership: Strong thought leadership, team leadership, and mentorship capabilities to guide the security team effectively.
Communication: Excellent verbal and written communication skills to articulate security risks and strategies to stakeholders, including non-technical teams.
Analytical Thinking: Sharp analytical skills to assess vulnerabilities and strategize mitigation efforts.
Decision-Making: Confidence in making critical decisions under pressure during incidents.
PCI DSS Experience: Including building, maintaining and reporting of PCI DSS programs.
Key Security Tool Experience: including endpoint protection, SIEM, SETA, ESG, and email security tools.
Prevention Management Experience: Demonstrated expertise in developing and implementing proactive strategies to identify, assess, and mitigate risks, ensuring operational continuity and regulatory compliance.
Threat intelligence knowledge: Experienced in collecting, analyzing, and operationalizing threat intelligence to proactively identify cyber threats, assess risks, and enhance organizational security posture, including dark web monitoring and brand intelligence.
Work Environment Our team members are our family, so we help our team members care for their families. We offer a comprehensive benefits package to all full-time employees. Here are some of the highlights:
Competitive salaries
401K with company match
Healthcare/vision/dental insurance
Wellness benefits
Career development program
Employee assistance program
Vacation time
Community involvement opportunities
Team activities
Details
Seniority level: Director
Employment type: Full-time
Job function: Information Technology
Industries: Events Services
#J-18808-Ljbffr
role at
GES - Global Experience Specialists
is a remote opportunity in the United States. GES is a global exhibition services company with a legacy spanning over 90 years and teams throughout North America, Europe, and the Middle East. We create influential exhibitions worldwide, delivering strategy, audiovisuals, accommodations, and creative designs to propel commerce, education, and community.
Our mission is to deliver extraordinary exhibition experiences through simple, user-friendly services and best-in-class execution. Members of the Global IT Team affect real changes across the GES global network and have a direct, positive impact on the overall user experience. The IT Team supports the broader business divisions across the GES Collective family of companies, including GES, Spiro, and onPeak, across all operating geographies worldwide.
GES is seeking an experienced and technically skilled IT Director of Security who will shape and drive the organization’s security strategy, risk posture, and governance framework. This leadership, hands-on role ensures the confidentiality, integrity, and availability of enterprise systems, data and infrastructure. Working cross-functionally with IT, risk, compliance, and other business teams, the Director aligns security initiatives with strategic business priorities, regulatory standards, and emerging threat landscapes. The Director will also lead the organization’s PCI compliance program. The Director will report to the VP for Global Infrastructure and is a remote opportunity in the US, with a preference to be filled in Las Vegas, NV.
Responsibilities
Security Strategy Development: Design, implement, and manage a comprehensive security strategy that aligns with organizational goals and industry best practices.
Strategic Leadership: Define and lead the execution of the cybersecurity roadmap in alignment with corporate goals and compliance requirements. Act as a trusted advisor to executive leadership on cybersecurity risks, investments, and emerging threats.
Technical Leadership: Act as a hands-on leader, addressing complex technical challenges, managing security incidents, and guiding the team through advanced security implementations.
Security Operations: Manage day-to-day security operations, including threat detection, incident response, and vulnerability management.
Governance & Policy: Develop and enforce cybersecurity policies, standards, and procedures. Foster a culture of security awareness through targeted training and engagement initiatives.
PCI Compliance Expertise: Ensure the organization adheres to PCI DSS requirements, including conducting assessments, managing validation efforts, and overseeing secure payment systems.
Risk & Compliance Management: Implement and maintain a cybersecurity risk management framework, ensure adherence to industry and regulatory standards such as HIPAA and GDPR.
Team Collaboration: Work closely with IT and operations teams amongst the several companies within the GES Collective to integrate security practices, ensuring seamless functionality and protection.
Technology and Architecture: Work with the Security Architect to evaluate, implement and manage security technologies such as SIEM, IAM, DLP and MDR solutions. Guide the secure design of IT infrastructure and ensure robust cloud security practices across on-premises, Azure and other platforms.
Incident Response: Lead the organization’s incident response efforts, performing root cause analysis and driving improvements to prevent future occurrences.
Qualifications
Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related field, or equivalent experience.
A minimum of 10 years of experience in cybersecurity roles, with at least 5 years in a leadership position.
Extensive knowledge and hands-on experience with PCI DSS compliance.
Deep understanding of security frameworks such as NIST, GDPR, and CIS Controls.
Strong technical background in network security, endpoint protection, vulnerability management, and secure cloud implementations.
Demonstrated expertise in leading enterprise-scale cybersecurity programs and operations.
Experience with security tools such as SIEMs, firewalls, IDS/IPS, and endpoint detection platforms.
Technical Proficiency: Ability to solve complex security issues, configure tools, and optimize security protocols.
Thought Leadership: Strong thought leadership, team leadership, and mentorship capabilities to guide the security team effectively.
Communication: Excellent verbal and written communication skills to articulate security risks and strategies to stakeholders, including non-technical teams.
Analytical Thinking: Sharp analytical skills to assess vulnerabilities and strategize mitigation efforts.
Decision-Making: Confidence in making critical decisions under pressure during incidents.
PCI DSS Experience: Including building, maintaining and reporting of PCI DSS programs.
Key Security Tool Experience: including endpoint protection, SIEM, SETA, ESG, and email security tools.
Prevention Management Experience: Demonstrated expertise in developing and implementing proactive strategies to identify, assess, and mitigate risks, ensuring operational continuity and regulatory compliance.
Threat intelligence knowledge: Experienced in collecting, analyzing, and operationalizing threat intelligence to proactively identify cyber threats, assess risks, and enhance organizational security posture, including dark web monitoring and brand intelligence.
Work Environment Our team members are our family, so we help our team members care for their families. We offer a comprehensive benefits package to all full-time employees. Here are some of the highlights:
Competitive salaries
401K with company match
Healthcare/vision/dental insurance
Wellness benefits
Career development program
Employee assistance program
Vacation time
Community involvement opportunities
Team activities
Details
Seniority level: Director
Employment type: Full-time
Job function: Information Technology
Industries: Events Services
#J-18808-Ljbffr