Voci Technologies (Voci) enables enterprises to extract actionable intelligence from their voice communication. We are passionate about human to human communication, and focused on building the world’s best platform for speech analytics. The company’s speech recognition engine runs orders of magnitude faster and with greater accuracy than alternatives, providing all data in an open format that allows for effortless integration with any existing analytics platform. Voci’s domain- and data-specific speech intelligence solutions meet business requirements for customer experience (including: call center operations, compliance, surveys), visual voicemail, and eDiscovery. For more information, visit https://vocitec.com/.
The Director of Information Security will be responsible for development, oversight and execution of the company’s information security strategy including key processes, practices, and standards necessary to mitigate and/or reduce compliance, operational, strategic, financial and reputational security risks. This position will ensure that security controls and considerations are consistent and remain relevant throughout the organization to protect the company, its people, intellectual assets and property. This position will strive to achieve regulatory compliance with PCI DSS, HIPPA, and FedRAMP as needed.
- Develop, implement and monitor a strategic, comprehensive enterprise information security and IT risk management program with the COO to ensure the integrity, confidentiality and availability of information owned, controlled or processed by the Company;
- Provide overall information security management direction to the company. Manage all due diligence for the security function;
- Direct and manage Protection and Payment Card Industry (PCI)/Data Security Standard (DSS) compliance efforts in partnership with Voci's CFO and COO;
- Create a process to periodically update policies and procedures to ensure they accurately reflect business requirements and align to industry leading security practices;
- Develop and implement the security governance model by following industry best practices such as ISO 27002, NIST Cyber Security Framework, or NIST 800-53 to achieve desired security maturity model;
- Maintain current knowledge of Cyber threat actors, attack methodologies and mitigation/remediation methods;
- Develop, maintain and publish up-to-date security policies, standards and guidelines, and oversee training and dissemination of security policies and practices;
- Develop and establish executive dashboard reporting on Cyber Security events and trends and publish to senior management and key stakeholders;
- Strengthen the processes and procedures to aggregate logs, correlate events, and detect incidents;
- Perform access reviews across all applications to help better understand where unauthorized access is granted and can be removed;
- Manage IT Support to oversee the internal office systems;
- Conduct periodic vulnerability scanning process and penetration tests;
- Execute key tasks and projects, ensuring that they stay on track with goals and timelines.