The Information Security Manager is responsible for developing, optimizing and managing information systems & personnel related to Cyber Security at the client.
The Information Security Manager reports to the Director of Information Security.
Responsibilities
* Manages day to day operations of MSSP vendor and team of Information Security Analysts, Administrators and engineers to ensure IS systems are monitored and secured
* Develops and delivers IS security standards, best practices and systems to ensure information security across the enterprise including network, telecom and systems.
* Assess current technology architecture for vulnerabilities, weaknesses and for possible upgrades or improvement
* Provide security expertise, technical leadership, and assistance to peers and enterprise teams
* Develop and manage an enterprise-wide information security education and awareness campaign
* Ensure procedures and policies for security hardening and vulnerability patching of the organization's networks and infrastructure
* Implements procedures and methods for auditing and addressing non-compliance to information security standards.
* Evaluates the organization to ensure compliance with standards and relevance with industry security norms.
* Achieves system security operational objectives by contributing information and recommendations to strategic plans and reviews; preparing and completing action plans; implementing production, productivity, quality, and customer-service standards; resolving problems; completing audits; identifying trends; determining system improvements; implementing change.
* To document all the security policies and to promote activities and procedures to create a general awareness about the significance of security within the organization
* Regular review of site, infrastructure and application security to ensure risks are proactively managed and suitable recommendations are provided for corrective action to be taken
* Lead investigations of security violations and breaches and recommends solutions; prepares reports on intrusions as necessary and provides analysis summary to management
* Maintain and monitor SIEM (security incident and event management) systems; respond to incidents in accordance with incident response procedures
* Proven ability to lead and inspire a group as a positive role model
* Oversee a team of 5-10 people
* Ensure department is meeting its performance expectations
* Track everyone's performance and provide guidance/coaching
* Maintain appropriate staffing levels to handle workload - Conduct interviews and make hiring decisions
* Seek continuous improvement; encourage ideas to improve processes
* Manage the workflow of the team to ensure daily functions are completed timely and accurately
* Understand company and department goals, communicate goals to the team
* Lead initiatives and projects
* Streamline and standardize workflow
* Provide and participate in cross-training within the department
* Provide back-up coverage and daily support for administrators when needed
* Make accurate entries and adjustments
* Review exception reporting and documents produced by the team
* Communicate errors, unusual items, proposed solutions and process improvement opportunities
* Proactively communicate with your supervisor
* Other duties and projects, as assigned
* Information Security Management Certifications -- CISSP desired
* 8+ years direct experience in Information Security
* Experience with next generation firewall technologies
* Experience with Web Proxy, PKI, encryption technologies and standards
* Strong attention to detail
* Sense of urgency
* Excellent communication
* Associate or bachelor's degree
* At least 3 years' experience successfully leading a team
* A background in banking, finance or accounting
Benefit packages for this role will start on the 31st day of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401k retirement account access with employer matching. Employees in this role are also entitled to paid sick leave and/or other paid time off as provided by applicable law.