ABOUT THE ROLE:
The Information Security Manager serves as the process owner of all assurance activities related to the availability, integrity, and confidentiality of customer, business partner, employee, and business information in compliance with the organization’s information security policies. A key element of the role is working with executive management to determine acceptable levels of risk for the organization. This role is responsible for establishing and maintaining a company-wide information security management program to protect information assets.
RESPONSIBILITIES:
- Develop, implement, and monitor a strategic, comprehensive enterprise information security and IT risk management program
- Manage and maintain compliance with relevant regulations and standards including ISO 27001, and NIST.
- Manage incident response and change control processes, and escalate matters as needed.
- Develop and maintain a vulnerability management program including regular scanning and patching of systems and applications.
- Develop and maintain a secure software development lifecycle.
- Develop and enhance an information security management framework
- Understand and interact with related disciplines through committees to ensure the consistent application of policies and standards across all technology projects, systems, and services
- Partner with business stakeholders across the company to raise awareness of risk management concerns.
- Review and maintain the cloud security program.
REQUIREMENTS:
- Degree in an Information Security-related field required.
- Professional security management certification (nice to have)
- Minimum of 3 years of experience in a combination of risk management, information security, and Technology.
- Knowledge of common information or cyber security frameworks, such as ISO/IEC 27001, and NIST.
- Experience with vendor negotiations.
COMPETENCIES/FUNCTIONAL/BEHAVIORAL SKILL-SET:
- Negotiation and Interpersonal skills
- Specific experience in Agile (scaled) software development or other development practices.
- Experience with Cloud computing/Elastic computing across virtualized environments.
- Innovative thinking and leadership with an ability to lead and motivate cross-functional, interdisciplinary teams
- Presentation skills
- Problem Solving
- Ability to work in a fast-paced working environment