Director Security & IT Compliance Position Available In Nassau, New York

Job Description:

We are Optimum, a leader in the fast-paced world ofconnectivity, and were on the hunt for enthusiastic professionalsto join our team! We understand that connectivity isnt just aluxury anymore – its a necessity that empowers lives, fuelsbusinesses, and drives innovation. A career at Optimum means youllbe enabling progress and enhancing lives by providing reliable,high-speed connectivity solutions that keep the world connected. Weowe our success to our amazing product, commitment to our peopleand the connections we make in every community. If you areresourceful, collaborative, team-oriented and passionate aboutdelivering consistent excellence, Optimum is the Company for you!

We are Optimum! Job Summary The Security & IT Compliance Directorwill oversee and manage our company SOX, PCI, NSA and FCCcompliance framework and obligations with an emphasis on PCI. Thecandidate will have a mixture of strong security, risk and ITcompliance skills with a strong background in payments security.

The director will continually define the control objectives andmonitor compliance efforts to ensure that the company adheres tocybersecurity controls required holistically to protect ourinfrastructure as well as our payment environment. The ability toevaluate and design IT and Security controls to ensure integrity ofour SOX, PCI and other critical systems is key. The director willreview test findings within the Internal/External Audit Team,facilitate the remediation of control gaps, and escalate possiblecritical issues to senior management in the company. The Directorwill oversee a team that analyzes data pertaining to informationsystems functions relative to security framework & IT compliancedisciplines, such as Section 404 of the Sarbanes-Oxley (SOX) act,Payment Card Information (PCI), NSA DOJ requirements and oversightof FCC outage notification obligations. The director will design aholistic security and control framework that includes the people,processes and technologies required to maintain compliance. Thegoal is to maintain effective security and compliance, proactivelyprepare for future requirements and seek efficiencies wherepossible. The director will develop and lead IT security complianceprograms, ensuring adherence to regulatory and industry standardsand oversee audits, risk assessments, and compliance testing toidentify gaps and recommend corrective actions. ResponsibilitiesProvide leadership, guidance and direction to the Security & ITCompliance team and related stakeholders Manage and maintaincompliance with frameworks such as

PCI DSS, SOX, ISO 27001, NIST,SOC

2 and FCC notification requirements. Develop, implement, andmonitor security policies, procedures, and controls to ensure dataintegrity and protection. Collaborate with IT and security teams toensure technical controls align with compliance requirements.

Conduct employee training and awareness programs on IT security andcompliance best practices. Stay updated on evolving cybersecuritythreats, regulatory changes, and compliance trends. Serve as theprimary point of contact for regulatory bodies, auditors, andexternal stakeholders regarding security compliance matters. Leadincident response planning, ensuring compliance with breachnotification laws and incident reporting requirements. Providestrategic guidance to executive leadership on risk management andcompliance initiatives. Define and maintain the Security & ITCompliance framework for the various IT Compliance disciplinesincluding people, process and technologies needed to maintaincompliance Governance, Risk and Compliance Tool Process OwnerDesign/specify/implement/monitor internal controls which help toensure that AUSA is compliant with IT Compliance laws andregulations, internal policies and standards, and otherrequirements Evaluate IT controls and the remediation of controlweaknesses, communicate to respective compliance stakeholdersInvestigate, document and report all out of compliance conditionsto management Supervise the performance of risk assessments,self-audits and establish performance metrics againstcontrol-related policies and procedures Provide recommendations formeeting compliance requirements and manage any exceptions toclosure Develop multi-faceted training/awareness programs to teachstaff the importance of compliance, and the ways in whichcompliance is maintained with laws and regulations, internal ,internal policies and standards and other requirements Develop andpromote a culture of compliance in which staff act with clarifiedrequirements, embrace a unified vision of their work, maintain acommitment to quality, and generate superior work results Secure abaseline of in-scope technologies and processes and ensure regularreview of the baseline Maintain an up-to-date and thoroughunderstanding of all requirements which AUSA must comply, includinglaws and regulations, contractual commitments, internal policiesand procedures Define the process to ensure that newimplementations adhere to the appropriate controls Develop andmanage the annual compliance work plan where staff and any thirdparties/vendors generate and document all information needed in atimely manner to maintain compliance Provide oversight tocompliance activities when interacting with third parties/vendors.

Review contractual agreements, ensuring IT compliance adherence isstipulated Prepare/perform/approve performance evaluations anddevelopment plans; Interview/approve personnel for hire Maintain anongoing relationship with the SOX Audit team to handle anyescalations related to the

SOX/IT GCC

compliance Maintain anon-going relationship with business leaders. Ensure teams are incompliance with applicable IT controls Organizes education materialfor the compliance stakeholders Manage vendor relationships,ensures the vendors are responsive to company needs Negotiate withlegal on all contracts, statements of work and maintenanceagreements to ensure compliance Participate in budget planning andanalysis Qualifications Bachelors or Master’s degree in InformationSecurity, IT, Cybersecurity, or a related field 8 years ofexperience in IT security, compliance, or risk management, with atleast 3 years in a leadership role In-depth knowledge of regulatoryframeworks such as

PCI DSS, SOX, ISO

27001, NIST, GDPR, CCPA, andSOC 2 Experience leading audits and risk assessments, and workingwith external auditors Strong understanding of cybersecuritytechnologies, risk management, and data protection best practicesRelevant certifications (e.g., CISSP, CISM, CISA, CRISC is requiredSignificant experience with PCI controls or having the PCI ISA orQSA certification required Strong leadership, communication, andstakeholder management skills Ability to work cross-functionallyand drive security compliance initiatives across the organizationStrong analytical and problem-solving skills with a proactiveapproach to risk mitigation Management Skills Ability to leadacross functions and motivate a matrix Ability to lead acrossfunctions and motivate a matrix staff Ability to establishrelationships within all levels of the Company Understanding of theCompanys culture Ability to manage changing priorities Highlycreative and flexible team player with a high level of energy andcommitment Effective staff recruitment and development experienceAble to confidentially manage highly sensitive company and personalAt Optimum, were fueled by our four core pillars: Taking Ownership,Upholding Transparency, Creating Community, and DemonstratingExpertise. Our commitment to empowering employees to takeresponsibility and embrace proactive problem-solving underpinsTaking Ownership. Upholding Transparency is at the core of ourculture, with open and honest communication fostering trust amongour dedicated team and loyal customers. Creating Community is morethan a goal; its our daily commitment to fostering an environmentof collaboration, innovation, and positivity. Demonstratingexpertise is a promise we uphold through continuous learning andengagement with our customers to consistently deliver top-qualityproducts and services. These pillars not only shape our culture butdefine Optimum as a place of excellence, trustworthiness, andthriving community, and we invite you to be a part of our journey.

If you have the drive to succeed and are ready to embark on athrilling career, seize this opportunity today, and join ourwinning team, so together, well shape the future of connectivity.

All job descriptions and required skills, qualifications andresponsibilities for a particular position are subject tomodification by the Company from time to time, in the Company’sdiscretion based on business necessity. We are an Equal OpportunityEmployer committed to recruiting, hiring and promoting qualifiedpeople of all backgrounds regardless of gender, race, color, creed,national origin, religion, age, marital status, pregnancy, physicalor mental disability, sexual orientation, gender identity, militaryor veteran status, or any other basis protected by federal, state,or local law. The Company collects personal information about itsapplicants for employment that may include personal identifiers,professional or employment related information, photos, educationinformation and/or protected classifications under federal andstate law. This information is collected for employment purposes,including identification, work authorization, FCRA-compliantbackground screening, human resource administration and compliancewith federal, state and local law. This position is identified asbeing performed in/or reporting to company operations in New YorkState. Salary ranges are supplied in compliance with New York Statelaw. Pay is competitive and based on a number of job-relatedfactors, including skills and experience. The starting payrate/range at time of hire for this position in the posted locationis $155,509.00 – $222,156.00 / year. The rate/range provided hereinis the anticipated pay at the time of hire, and does not reflectfuture job opportunity.