BASIC FUNCTIONS: This position secures enterprise assets within a specific domain and reduces losses by applying necessary security requirements; planning, implementing, and testing systems; and managing staff. This position is a leadership role that requires an individual with a strong technical background, as well as the ability to work with the IT organization and stakeholders. The Manager Security position participates in IT planning initiatives to ensure that security measures are incorporated into strategic plans and to ensure that security capabilities are clearly defined.
• 10+ years of IT security experience
• 2+ years of management experience
• BS Engineering/Computer Science or equivalent experience required; advanced degree preferred
• Licensing/certification required (at least one of the following): CISSP, CISM, SANS, GIAC (or related), ethical hacking/penetration tester certification, and/or security risk assessment certification
• Advanced knowledge of security environments.
• Advanced knowledge of security strategy and architecture integration.
• Ability to assess security policy effectiveness.
• Advanced knowledge of information security hardware/software.
• Strong understanding of compliance and governance initiatives.
• Analysis of security event for anomalous activity.
• Identification of emerging security threats.
• Vulnerability assessment, threat analysis, and reporting.
• Promotion of security policies and implementation of security programs.
• Monitoring of security systems for threats.
• Advanced knowledge of security environments.
• Strong skills in setting, communicating, implementing, and achieving business objectives and goals through the direct management of others.
• Strong organization/project planning, time management, and change management skills across multiple functional groups and departments, and strong delegation skills involving prioritizing and reprioritizing projects and managing projects of various size and complexity.
• Advanced problem-solving experience involving leading teams in identifying, researching, and coordinating the resources necessary to effectively troubleshoot/diagnose complex project issues; prior success extracting/translating findings into alternatives/solutions, and identifying risks/impacts and schedule adjustments to facilitate management decision-making.
• Advanced communication (verbal and written) and customer service skills. Strong interpersonal, communication, and presentation skills applicable to a wide audience including senior and executive management, customers, etc., including diction/terminology and presenting information in a concise and effective manner to clients, management, and various departments using assorted communication mediums.
• Provide management and general direction for the integration of security strategy and architecture with business and IT strategy.
• Work with selected resource owners to identify company IT assets that require security controls and determine appropriate security policies for identified resources.
• Assess effectiveness of security programs within primary area of responsibility.
• Plan and implement new or updated information security hardware or software, and analyze its impact on the applicable environment.
• Conduct technical risk assessments, such as vulnerability scanning, penetration testing, risk reviews for new applications, and third-party risk assessments.
• Lead team of engineers to ensure timely and accurate performance of all team activities.
• Responsible for analyzing/validating the requirements, defining the access rules, scripting the changes, and providing troubleshooting support related to any access issues.
• Assist with reviewing existing tools, applications, and processes to help strengthen and optimize current capabilities, as well as identifying any gaps or technical solutions to further enhance the team's effectiveness.
• Compliance and governance: help achieve compliance, identify compliance initiatives, and author and promote appropriate security policies.
• Lead, analyze, and review security events for anomalous activity, and collaborate with respective peer groups to take appropriate action to safeguard company information assets against current and foreseen threats.
• Lead the exploration of practical security solutions to address emerging threats and compliance requirements, including design and implementation of recommended solutions.
• Develop and implement security programs: manage and execute project deliverables; communicate to affected stakeholders including departments within the company; develop program procedures including guidelines and flow diagrams to be implemented on an ongoing basis; and develop tools or metrics that allow for the measurement of successful program implementation.
• Communication and outreach: maintain communication with peers throughout the organization and security contacts including Business Units and subsidiary locations; survey clients to determine appropriate communication methods; deliver solutions to help raise security awareness; and develop and disseminate information regarding security controls and newly identified risks.
• Assess and measure security programs to ensure closed-loop operations, seek out and execute upon opportunities to reap program maturity, and deliver innovative solutions to obtain efficiencies.
• Carry out management responsibilities in accordance with the organization's policies, procedures, and applicable laws. Responsibilities include interviewing, hiring, and training employees; planning, assigning, and directing work; appraising performance; rewarding and disciplining employees; and addressing complaints and resolving problems.
• Ensure all staff is provided with training and resources needed to perform their jobs to the most outstanding degree possible. Ensure all staff is provided with frequent feedback and coaching in order to meet and exceed individual and team performance goals consistently.
• Manage and encourage new ideas from staff to foster improvements through innovations.
• Empower the staff to be accountable and responsible for their own actions and decisions.
• All other duties as assigned.
We are an equal opportunity employer: qualified applicants are considered for and treated during employment without regard to race, color, creed, religion, sex, national origin, citizenship status, disability status, protected veteran status, age, marital status, sexual orientation, gender identity, genetic information, or any other characteristic protected by law. If a qualified individual with a disability or disabled veteran needs a reasonable accommodation to use or access our online system, that individual should please contact firstname.lastname@example.org or if you are based in the US you may also contact us on 1.855.833.5120.