Manager Information Security
About The Position
The ISS Team is seeking a candidate who possesses the ability to coordinate assessment and audit activities, identify current and potential security risks, and lead information security remediation activities (i.e. enable mitigating and compensating controls). The ideal candidate will have a good foundation in regulatory standards and information security framework requirements that shape the requirements and standards in the Financial Services sector, including FFIEC, SOX, ISO, NIST-CSF, and PCI. The candidate will be a champion of the information security policy, standards, and procedures which define or Information Security Program.
Requirements
- Bachelor's degree or equivalent (4-years).
- 5-7 years of Information Security experience or relevant experience.
- Demonstrated experience influencing, leading, and coaching to delivery of technology solutions without direct leadership responsibility.
- Deep and broad technical background with 3-5+ years of experience of progressive scope/impact/responsibility (including both hands-on and leadership roles) working with security technologies and infrastructures (eg. Archer, ServiceNow, Aveksa, CyberArk, Broadcom/Symantec, etc.)
Nice To Haves
- Certifications Preferred: CISSP, CISA, CISM or CRISC; or equivalent security certification.
- Strong presentation skills with proven ability to successfully interface with and influence at all levels (executives and technical staff).
- Ability to effectively deliver technical information to non-technical audiences.
- Experience working in a multi-vendor environment.
- Administrator or Developer experience.
Responsibilities
- Identify current and/or potential security risks and develop, implement, drive and optimize security solutions, methodologies, policies and/or practices.
- Weigh business needs against security concerns, work with broader information security team to make recommendations and clearly articulate options (including benefits and risks) to business partners, decision makers and key stakeholders.
- Conduct regular, comprehensive application and system security risk assessments and identify and recommend opportunities for improvement from an information security standpoint.
- Lead solution design and delivery to address risks/vulnerabilities, meet requirements/needs of the business.
- Effectively oversee multiple projects/initiatives simultaneously.
- Influence the continuous improvement of processes, policies and best practices to optimize performance and availability of technologies.
- Evaluate, troubleshoot and participate in root-cause analysis of development and test environment issues within technical area of expertise.
- Define, track and measure overall department performance and metrics.
- Provide oversight, technical expertise and informal or formal leadership to a team of information security professionals.
- Foster a collaborative, success-oriented team environment.
- Provide work direction and prioritization to teams as it relates to information security.
- Ensure compliance with company's policies, processes and procedures.
Benefits
- vacation time
- sick time
- 401(k)
- health, dental and life insurance
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Manager
