Job Details

Information Security Manager

OAK BROOK-60521, IL, US
10/24/2020


Required Skills

    network protocols, frameworks
Company

Infinity Consulting Solutions, Inc

Experience

5 to 7 Year(s)

Job Description

INFORMATION SECURITY MANAGER

A national manufacturing technology firm is growing and in need of an experienced, hands-on Information Security (InfoSec) Manager to join their established team.

As the InfoSec Manager you will be responsible for Information Security leadership, technology, processes, policies, employee awareness, audit, testing and compliance.

You will work closely with the Director to develop a security roadmap, program, projects, standards, and policies that address identified risks and business security requirements.

The ideal candidate must be hands-on and able to lead implementations of IT security programs, projects and infrastructure changes with metrics for ongoing performance measurements and reporting.

You will be leading a small, local team of IT security operations center professionals to attain security program objectives and goals as well as manage 3rd party security partners and vendors including evaluation, selection, contracts, and relationships.

The InfoSec Manager should proactively stay ahead of the industry regarding enterprise information security education, certification, best practices, and tools for IT and connected platforms.

Excellent communication skills are required as you will be working collaboratively with executives and other internal teams in a highly visible role.

Responsibilities:

Lead the day-to-day activities of threat intelligence, vulnerability management and lab, identify risk tolerances, recommend remediation plans and communicate information about residual risk

Lead penetration testing, vulnerability scanning, and employee awareness training and testing

Design, coordinate and oversee security testing procedures to verify the security of systems, networks and applications, and manage the remediation of identified risks.

Champion security by design with business, IT and security teams to ensure that information security is factored into the evaluation, selection, development, installation and configuration of hardware, applications and software

Work with the Director to develop a multi-year information security strategy, program and projects that address identified risks and business security requirements; develop and manage operations and capital budget based on short- and long-term goals and objectives

Develop and implement security standards, processes, procedures, and guidelines for the security operations center and enterprise; ensure and monitor security compliance with industry and government rules and regulations

Report security performance against established security metrics

Provide security communication, awareness and training for audiences, which may range from senior leaders to field staff

Serve as an active and consistent IT leader in information security governance; provide support and guidance for legal and regulatory compliance efforts, including audit support; assist resource owners and IT staff in understanding and responding to security audit failures reported by auditors

Manage information security issues and incidents, and participate in problem and change management forums

Manage outsourced partners and vendors that provide information security functions for compliance with contracted service-level agreements

Manage and coordinate operational components of incident management, including detection, response and reporting

Ensure audit trails, system logs and other monitoring data sources are reviewed periodically and are in compliance with policies and audit requirements

Define and ensure the implementation of technical controls to support and enforce defined security policies

Research, evaluate, design, test, recommend and plan the implementation of new or updated information security hardware or software, and analyze its impact on the existing environment; provide technical and managerial expertise for the administration of security tools

Work with the enterprise architecture and infrastructure leads to ensure that there is a convergence of business, technical and security requirements; liaise with IT management to align existing technical installed base and skills with future architectural requirements

Protect the company's reputation by keeping information confidential

Maintain professional and technical knowledge by attending educational workshops, reading professional publications, establishing personal networks, and participating in professional societies

Contribute to the team effort by accomplishing related results and participating on projects as needed

Requirements:

Bachelor's Degree in computer science, information systems management, or related discipline

7+ years of progressive IT Security experience

2+ years in a people or project management capacity

Demonstrated applied knowledge in information security and compliance

7+ years of experience in running an information security program, analyzing and applying information security and risk management related practices

5+ years of experience with regulatory compliance and information security management frameworks (e.g., ISO 27000, COBIT, NIST 800, etc.)

Strong leadership skills and the ability to work effectively with business managers, IT engineering, IT operations staff, Legal, Audit and Compliance

Experience developing and maintaining policies, procedures, standards and guidelines

Experience with common information security management frameworks, such as International Standards Organization (ISO) 2700x, the IT Infrastructure Library (ITIL) and Control Objectives for Information and Related Technology (COBIT) frameworks

Strong project management skills and experience in creating and managing project plans, including budgeting and resource allocation

Proficiency in performing risk, business impact, control and vulnerability assessments, and in defining treatment strategies

Knowledge of and experience in developing and documenting security architecture and plans, including strategic, tactical and project plans

An understanding of operating system internals and network protocols.

Experience in application technology security testing (white box, black box and code review).

Experience in system technology security testing (vulnerability scanning and penetration testing).

Ability to travel occasionally

Certified Information Systems Security Professional (CISSP) and/or Certified Information Security Manager (CISM) preferred


Security Analyst
Information Technology

No Preference
FullTime Job
Other
1

Candidate Requirements
-
Bachelors

Walkin Information
-
10/23/2020
-

Recruiter Details
Doug Klares
1350 Broadway, Suite 2205, NEW YORK-10018, NY
-