Sr Director of Information Security (GRC) in Miami, FL at Lennar

Date Posted: 6/30/2024

Job Snapshot

  • Employee Type:
  • Location:
    Miami, FL
  • Experience:
    Not Specified
  • Date Posted:
  • Job ID:
  • Category:
  • Company:

Job Description

The Sr. Director of Information security is a critical member of the Lennar Enterprise Security Office (ESO). This position is responsible for establishing and maintaining a corporate-wide information security management program to ensure that information assets are adequately protected. This role will leverage and mature critical teams of the ESO which includes, Security Operations, Governance Risk & Compliance, Security Engineering and Physical Security to support the Lennar functional and organizational goals.

Principal Duties and Responsibilities: Security Engineering & Architecture:

- Develop and execute a comprehensive trust based security strategy to protect our digital infrastructure, data, and assets.

- Lead design and implementation of information security principles, ensuring access controls, network segmentation, and identity verification are integrated into all systems and processes.

- Collaborate with cross-functional teams to ensure continuous monitoring, anomaly detection, and data protection.

- Ensure that all security measures are integrated into cloud-based and on-premises systems.

- Collaborate with IT and development teams to align security with business goals.

Security Operations:

- Lead all aspects of the strategy, daily operations, and advancement of the Security Operations function and focus on proactive threat detection, prevention, and response, through Threat Intelligence, Threat Hunting, Security Information and Event Management (SIEM) monitoring, investigations and Incident Response.

- Enhance and maintain an incident response plan, ensuring rapid and effective responses to security incidents.

- Coordinate with internal and external stakeholders to investigate, contain, and remediate security breaches.

- Conduct post-incident analysis to identify vulnerabilities and improve incident response procedures.

Risk Assessment and Mitigation:

- Identify potential security risks and vulnerabilities within the organization.

- Conduct regular risk assessments, including threat modeling and vulnerability assessments.

- Develop and implement risk mitigation strategies, ensuring compliance with industry standards and regulations.

- Enforce compliance with relevant regulations and standards in collaboration with the Compliance team. Leadership & Culture Development:

- Develop relationships cross functionally to understand business priorities and barriers, and work together to create plans that can be successfully executed.

- Foster a culture of cybersecurity awareness and best practices across the organization.

- Provide leadership and mentorship to the cybersecurity team, promoting professional growth and a commitment to excellence.

- Champion cybersecurity initiatives at all levels of the company, advocating for security as a core business value.

- Customer-Facing and Team Management: - Interact with customers to understand their security requirements and provide assurance on our security posture.

- Manage and lead a customer-facing cybersecurity team, ensuring exceptional service and client satisfaction. Cybersecurity Delivery Owner:

- Plan, execute, and oversee cybersecurity projects, ensuring they are completed on time and within budget.

- Collaborate with cross-functional teams and stakeholders to achieve project goals.

- Ability to work alongside team members and roll-up sleeves as part of project

Education and Experience Requirements:

- A minimum of 15 years of IT experience, minimum 8 years of which need to be in an information security leader role

- Bachelor’s degree in IS or relevant field is required or relevant experience required, a Master’s degree in IS or relevant field is preferred

- Professional security management certification, in one or more of the following – - Certified Information Security Manager (CISM)

- Certified Information Systems Security Professional (CISSP)

- Equivalent or similar  

Physical Requirements:   This is primarily a sedentary office position which requires the incumbent to have the ability to operate computer equipment, speak, hear, bend, stoop, reach, lift, and move and carry up to 25 lbs. Finger dexterity is necessary. Travel is required.  

Additional Requirements:  

- Demonstrated experience in platform and perimeter security, network architecture, cloud security, and product security design.

- Deep understanding of security frameworks, protocols, and best practices. Proficiency in security technologies, risk assessment, compliance standards, relevant regulations (e.g., NIST)

- Strong ability to influence and work cross functionally to drive business initiatives. - Strong understanding of current cybersecurity threats, trends, and best practices.

- Excellent team leadership and management skills with a track record of building and leading high-performing cybersecurity teams.

- Exceptional communication and interpersonal skills to engage with stakeholders at all levels of the organization.  

Lennar is an equal opportunity employer and complies with all applicable federal, state, and local fair employment practices laws.    

This description outlines the basic responsibilities and requirements for the position noted. This is not a comprehensive listing of all job duties of the Associates. Duties, responsibilities and activities may change at any time with or without notice.  


Lennar is an equal opportunity employer and complies with all applicable federal, state, and local fair employment practices laws.