16 Mar
Manager of Information Security
Vacancy expired!
- Develop, implement, and monitor a strategic, comprehensive enterprise information security and IT risk management program
- Interview, hire, and allocate staff and perform periodic performance evaluations
- Facilitate individual and group staff meetings
- Prepare and submit payroll
- Direct efforts towards the achievement of strategic and operational objectives
- Guide and make recommendations on strategic direction
- Take part in all departmental goals and strategy development
- Identify opportunities for automation, standardization, cost savings, and business improvement
- Identify gaps and develop strategy and operational plans in support of security mission
- Oversee functional metric reporting
- Manage resolution of reporting problems
- Manage Governance, Risk, and Compliance activities surrounding policies, exceptions, risk register, and compliance requirements such as PCI, HIPAA, and JC
- Create, maintain, and publish up-to-date security policies, standards, and guidelines
- Manage vendor relations
- Aid in negotiation and management of contracts with outside vendors
- Create roadmaps for all enterprise security technologies
- Ensure proper documentation is in place for all security standards, procedures, and hardening for a wide range of products
- Ensure preparedness for external audits
- Collaborate with third parties to evaluate Information Security practices
- Develop, assist with, and review the preparation and monitoring of IS Security budgets
- Maintain up-to-date technical knowledge by attending seminars and vendor presentations and reading professional literature
- Participate in quality improvement teams and other such committees
- Oversee training and dissemination of security policies and practices
- Participate in Demonstrations/Presentations and Benchmarks
- Act as liaison between information security team and corporate compliance, audit, finance, legal, marketing, operations, and HR management teams as needed
- Ensure security programs are compliant with relevant laws, regulations, and policies to eliminate or minimize risk and audit findings
- Other related duties as required
- Bachelor’s degree in Information Systems or Management; advanced degree preferred
- At least 3 of the following certifications: CISM, CISSP, CRISC, GIAC, Security+
- At least 10 years of overall IS experience
- At least 5 years of working experience in an IS role
- At least 2 years of related supervisory/management experience in a similar environment
- In-depth understanding of risk assessment protocols and development of appropriate assessment models
- Expert knowledge of third-party vendor security risk management and cyber supply chain management
- Experience with vendor management, selection, and contracts
- Expert knowledge of regulatory requirements, risk, and industry standards associated with emerging technology, authentication capabilities, network design/security, cloud computing environment, the dark web, and IoT
- Knowledge of network infrastructure, including routers, switches, firewalls, and the associated network protocols and concepts
- Familiarity with leading Information Security industry frameworks (e.g., NIST, ISO, SANS) and Information Security and Data governance models
- Expert level knowledge of Microsoft Excel
- Expert presentation and reporting skills
- Excellent interpersonal and customer service skills
- Excellent professional written and oral communication skills