Manager, Information Security
ICW Group has an excellent opportunity for a Manager, Information Security. This person will be developing, implementing and driving compliance both technical security and technical risk management across the enterprise. This is not only a challenging opportunity for someone but one that allows for team building, working cross functionally among ICW Group’s departments and for innovation. We are looking for in depth technical knowledge in security engineering, system and network security and authentication and encryption protocols.
- Do you like to solve problems?
- Do you have fluency with at least one scripting language?
- Can you communicate complex quantitative analysis in a clear, precise and actionable manner?
What You Will be Doing (Core Responsibilities):
- Leads the process of developing a program vision for the future
- Responsible for managing risks related to information security, physical security, business continuity planning, crisis management, privacy, and compliance.
- Participates in a committee that brings together key security and risk stakeholders to develop and review enterprise security and risk strategies
- Coordinates with technology and business groups to assess, implement, and monitor IT-related security risks/hazards
- Understands the trade-offs required to manage the different levels of information security risk tolerance and risk exposure across the organization and balance this with risk investments
- Reports security performance against established security metrics and service level agreements
- Understands “voice of the customer” and develops mechanisms to proactively sense adoption and usage patterns of consumer technologies by end-users so that policy can align with need
- Evaluate documented resolutions and analyze trends for ways to prevent future problems
- Cultivate, disseminate, and enforce policies, standards and procedures
- Evaluate documented resolutions and analyze trends for ways to prevent future problems Ensures all staff members are trained on enterprise and industry-regulated security requirements through awareness programs.
- Creates an information security awareness program to customize communication tools and campaigns for each business unit and integrated services group
- Monitors regulatory compliance with enterprise security policies and educates business unit leaders and service managers on compliance efforts
- Lead security training and communicate policies. Manage team of highly skilled security professionals with strong team dynamics.
- Provide direction, guidance, instruction, and leadership to members of the Security Team
- Develop individual goals and related development plans for the Security Team
- Establish and maintain strong relationships with diverse stakeholders and customers
- Lead by promoting a culture of collaboration, continuous improvement, quality and accountability
- Motivates and manages team in support of the organization’s cyber security goals
- Fosters and builds a collaborative working relationship with various stakeholders
Directly manages more than two employees. Carries out manager responsibilities in accordance with Company policies and applicable laws. These responsibilities include interviewing, hiring, and training employees; planning, assigning, and directing work; conducting performance and salary reviews; rewarding and disciplining employees; addressing complaints and resolving problems.
Education and/or Experience
- Bachelor of Science degree and five (5) years of related IT and information security experience or equivalent combination of education and experience.
- Required professional certifications: CISSP
- Preferred professional certifications: GCIH, GCIA, CEH, GPEN, Security +.
- Experience in cyber security with working knowledge of data analysis, risk assessment and mitigation, investigation methods, incident management concepts and practices, with background in intrusion detection and forensic analysis.
- Possess technical ability to use and manage Intrusion Detection & Prevention Systems (IDS/IPS), Firewalls & Log Analysis, SIEM, Network Behavior Analysis tools, Antivirus, Network Packet Analyzers, Malware analysis and forensics tools. Knowledgeable in networking and proven experience in Windows and Linux environments, including Group Policy and Active Directory.
- Demonstrable track record for taking initiative and getting things done under minimal supervision.
- Knowledge of national regulatory compliances and frameworks such as ISO, SOX, HIPAA, and PCI.
If this sounds like you, please apply! We’d love to hear from you.
Office environment – no specific or unusual physical or environmental demands and employees are regularly required to sit, walk, stand, talk, and hear.
This position operates in an office environment and requires the frequent use of a computer, telephone, copier, and other standard office equipment.
Back to top