Ref ID: 04130-0011961934
Classification: Security Manager
Compensation: $165000.00 to $185000.00 yearly
• Responsible for identifying, evaluating reporting on, and mitigating information security risks in a manner that meets internal, compliance and regulatory requirements, and responding to incidents that may occur.
•Evaluate and test Information Security controls and leads the development, enforcement, and maintenance of policies, procedures, measures, and mechanisms to protect the confidentiality, integrity and availability of information.
• Will partner with constituents throughout the company to achieve strategic goals and ensure the appropriate balance is achieved between risk and controls.
• Oversee and coordinate security efforts across the company, including information technology, cloud operations, product engineering, processional services, human resources, legal, facilities management and other groups.
• Oversee safeguarding of intellectual property, customer information, financial transactions and computer systems.
• Manage the ongoing documentation, development, implementation, and maintenance of the company's Information Security Program Framework (ISPF), including publication of all Security Policies and oversight and collection/retention of all associated standards.
•Ensure compliance with contractual and legislative mandates through these policies and standards.
•Devise policies and procedures regarding areas such as information security, business continuity planning, loss prevention and fraud prevention, and privacy.
•Create and maintain necessary security related programs such as security awareness, business continuity, and incident management etc.
• Develop and mentor coworkers in regards to information security.
•Ensure that information security standards and policies are understood and followed.
• Understand the fundamental business activities and work with the various departments to develop appropriate information security solutions that adequately protect these activities.
Required Qualifications - About you:
We are looking for candidates who possess the combination of the following achievements, skills and behaviors:
• Thorough knowledge of all aspects of information security and compliance including SOX and SSAE 16, ISO 27001/2, and PCI.
• Solid understanding and demonstrable experience in project and security program management.
• Knowledge of the Software Development Life Cycle (SDLC).
• Solid understanding in application security, cloud security, security operations, incident response and infrastructure security
• Experience securing software solutions in the Public Cloud.
• Knowledge of networking and security technologies such as, IPSEC, VPN, routers, switches, firewalls, intrusion detection/prevention, data leakage, WAF, DNS and TCP/IP networking.
• Ability to establish and maintain relationships with individuals at all levels of the organization, in the business community and with vendors.
• Ability to lead initiatives, make decisions and drive change across the organization
• Skilled in translating technical data into business impact information.
• Proven analytical and problem solving abilities.
• Experience working in a team oriented and collaborative environment, with multifunctional business teams
• Minimum 10 years’ experience as an information security professional.