Director of IT Security

THIS IS A REMOTE OPPORTUNITY IN THE US.

GES, Global Experience Specialists LLC, is a global exhibition services company with a legacy spanning over 90 years and teams throughout North America, Europe, and the Middle East. We create some of the most influential exhibitions in the world - think international medical symposiums, industry leading exhibitions for technology, manufacturing that help communities meet, educate, and move their mission forward. From initial strategy to show-stopping audio visual, accommodations to award winning creative designs - and every detail in between - we create shows that propel commerce, education, and community!

Our mission is to deliver extraordinary exhibition experiences through simple, user-friendly services and best-in-class execution.

Members of the Global IT Team affect real changes across the GES global network, and have a direct, positive impact on the overall user experience. You will have first-hand experience on multiple technology areas and services.

The IT Team supports the broader business divisions across the GES Collective family of companies, including GES, Spiro, and onPeak, across all of our operating geographies worldwide.

GES is seeking an experienced and technically skilled IT Director of Security who will be responsible for shaping and driving the organization's security strategy, risk posture, and governance framework. This leadership, hands-on role ensures the confidentiality, integrity, and availability of enterprise systems, data and infrastructure. Working cross-functionally with IT, risk, compliance, and other business teams, the Director aligns security initiatives with strategic business priorities, regulatory standards, and emerging threat landscapes. The Director will also lead the organization's Payment Card Industry (PCI) compliance program. The Director will report to the VP for Global Infrastructure and is a US remote opportunity, with a preference to be filled in Las Vegas, NV.

Responsibilities:

• Security Strategy Development: Design, implement, and manage a comprehensive security strategy that aligns with organizational goals and industry best practices.
• Strategic Leadership: Define and lead the execution of the organization's cybersecurity roadmap in alignment with corporate goals and compliance requirements. Act as a trusted advisor to executive leadership on cybersecurity risks, investments, and emerging threats.
• Technical Leadership: Act as a hands-on leader, addressing complex technical challenges, managing security incidents, and guiding the team through advanced security implementations.
• Security Operations: Manage day-to-day security operations, including threat detection, incident response, and vulnerability management.
• Governance & Policy: Develop and enforce cybersecurity policies, standards, and procedures. Foster a culture of security awareness through targeted training and engagement initiatives.
• PCI Compliance Expertise: Ensure the organization adheres to PCI DSS requirements, including conducting assessments, managing validation efforts, and overseeing secure payment systems.
• Risk & Compliance Management: Implement and maintain a cybersecurity risk management framework, ensure adherence to industry and regulatory standards such as HIPAA and GDPR.
• Team Collaboration: Work closely with IT and operations teams amongst the several companies within the GES Collective to integrate security practices, ensuring seamless functionality and protection.
• Technology and Architecture: Working in conjunction with the Security Architect to evaluate, implement and manage security technologies such as SIEM, IAM, DLP and MDR solutions. Guide the secure design of IT Infrastructure and ensure robust cloud security practices across various compute platforms including on-premises, Azure and other platforms.
• Incident Response: Lead the organization's incident response efforts, performing root cause analysis and driving improvements to prevent future occurrences.

Qualifications:

• Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field, or similar experience.
• A minimum of 10 years of experience in cybersecurity roles, with at least 5 years in a leadership position.
• Extensive knowledge and hands-on experience with PCI DSS compliance.
• Deep understanding of security frameworks such as NIST, GDPR, and CIS Controls.
• Strong technical background in network security, endpoint protection, vulnerability management, and secure cloud implementations.
• Demonstrated expertise in leading enterprise-scale cybersecurity programs and operations.
• Experience with security tools such as SIEMs, firewalls, IDS/IPS, and endpoint detection platforms.
• Technical Proficiency: Ability to solve complex security issues, configure tools, and optimize security protocols.
• Thought Leadership: Strong thought leadership, team leadership, and mentorship capabilities to guide the security team effectively.
• Communication: Excellent verbal and written communication skills to articulate security risks and strategies to stakeholders, including non-technical teams.
• Analytical Thinking: Sharp analytical skills to assess vulnerabilities and strategize mitigation efforts.
• Decision-Making: Confidence in making critical decisions under pressure during incidents.
• PCI DSS Experience: Including building, maintaining and reporting of PCI DSS programs
• Key Security Tool Experience: including endpoint protection, SIEM, SETA, ESG, and email security tools.
• Prevention Management Experience: Demonstrated expertise in developing and implementing proactive strategies to identify, assess, and mitigate risks, ensuring operational continuity and regulatory compliance.
• Threat intelligence knowledge: Experienced in collecting, analyzing, and operationalizing threat intelligence to proactively identify cyber threats, assess risks, and enhance organizational security posture, including dark web monitoring and brand intelligence.

Work Environment:

Our team members are our family, so we help our team members care for their families. The rewards of joining GES are extensive. We offer a comprehensive benefits package to all full-time employees. Here are some of the highlights:

• Competitive salaries
• 401K with company match
• Healthcare/vision/dental insurance
• Wellness benefits
• Career development program
• Employee assistance program
• Vacation time
• Community involvement opportunities
• Team activities

And much more...