Director, Information Security - The J.G. Wentworth Company : Job Details

Remote / Hybrid Schedule Job Opportunity from Chesterbrook, PA

Director, Information Security Summary

The Director of Information Security is responsible for developing and implementing comprehensive security policies, procedures, and strategies to protect our data, systems, and infrastructure from internal and external threats. The ideal candidate will possess extensive technical knowledge, proven leadership experience, and a proactive approach to risk management. This role requires a high level of accuracy, ownership, urgency, and professionalism.

• Develop and execute a comprehensive information security strategy aligned with business objectives and regulatory requirements.
• Report to executive leadership on security status, risks, and incidents, and make strategic recommendations for improvement.
• Stay informed on evolving cybersecurity threats, trends, and technologies, and assess their impact on the organization.
• Lead and manage the information security team, including hiring, mentoring, and professional development.
• Establish and enforce security policies, standards, and procedures to protect sensitive data and ensure compliance with industry regulations.
• Lead the planning, coordination, and execution of third-party audits, including SOC 2 Type II, ensuring all required controls are implemented, tested, and properly documented.
• Act as the primary point of contact for external auditors, managing evidence collection, walkthroughs, and issue remediation to ensure successful audit outcomes.
• Facilitate completion of security due diligence questionnaires and vendor risk assessments as needed.
• Establish, maintain, and report on security metrics.
• Oversee the selection, implementation, and maintenance of security technologies such as firewalls, intrusion detection systems, endpoint protection, and SIEM tools.
• Manage all scheduled information security activities—such as vulnerability scans and penetration tests—to ensure a secure environment and maintain compliance with 3rd party and regulatory expectations.
• Collaborate with technology teams to prioritize and remediate identified vulnerabilities.
• Ensure secure coding standards are defined, maintained, and followed across all development teams.
• Collaborate with technology teams to develop and document secure configurations, secure coding practices, patch management procedures, and other relevant configurations that aid in maintaining a secure environment.
• Implement and oversee software development governance with a focus on secure development lifecycle (SDLC) practices, including code reviews and security testing.
• Lead incident response efforts, including detection, containment, investigation, and recovery from security breaches.
• Oversee disaster recovery and information security response tabletop exercises.
• Collaborate with IT, legal, compliance, and other business units to integrate security best practices into all operations.
• Oversee the security awareness training program to educate employees on best practices and policies, promoting a strong security culture across the organization.
• Perform other duties as assigned.

Education Requirements

• Bachelor's degree in Computer Science, Information Security, Cybersecurity, or an equivalent combination of education and experience
• 8+ years of experience in information security roles, with at least 3 years in a leadership capacity
• Relevant industry recognized certifications are a plus (CISSP, CISM, Security+, etc).

Knowledge, Skills and Abilities:

• Strong knowledge of cybersecurity frameworks (NIST, ISO 27001) and regulatory compliance.
• Fundamental understanding of operating systems, monitoring systems, systems logging, networks, databases, and cloud resources.
• Experience with cloud security (AWS, Azure, GCP) and DevSecOps practices.
• Excellent communication skills, with the ability to present technical information to non-technical stakeholders.
• Excellent analytical, critical thinking, and problem-solving abilities.
• Ability to work effectively, independently and within a team environment.
• Experience in financial services industry preferred.

The skills mentioned above only describe the essential job functions and are not intended to be a complete list of all duties and responsibilities. All job functions must be performed in accordance with The J.G. Wentworth Company policies and procedures.

Benefits:

• Full Medical/Vision/Dental Benefits
• 401K with Company Match
• Flexible Hybrid or Remote Schedule
• 15 Days PTO
• Paid Holidays
• An Unmatched Company Culture
• On-Site Gym & Gym Membership Reimbursement
• Monthly, Quarterly and Annual Bonuses
• Employee Referral Bonuses
• Public Transportation Discounts
• Company Happy Hours
• Business Casual Dress Code

Start building your career with J.G. Wentworth today!

J.G. Wentworth is an equal opportunity employer that is committed to diversity and inclusion in the workplace. We prohibit discrimination and harassment of any kind based on race, color, sex, religion, sexual orientation, national origin, disability, genetic information, pregnancy, or any other protected characteristic as outlined by federal, state, or local laws.

This policy applies to all employment practiceswithin our organization, including hiring, recruiting, promotion, termination,layoff, recall, leave of absence, compensation, benefits, training, andapprenticeship. J.G. Wentworth makes hiring decisions based solely onqualifications, merit, and business needs at the time.