IT Security Manager

Solid stable, long standing company that is very employee oriented with great benefits.

They are one of the fastest growing companies in their space

This is the perfect role to really put your mark on something.  This is a newly created position, tasked with building a team to support the security vision of an entire business unit.

Key Responsibilities: 

·Communicates Information Security goals and new programs effectively within the organization

·Ensures consistent and effective security practices

·Establishes appropriate Information Security procedures and governance

·Oversees the deployment, integration, and initial configuration of all new Information Security solutions and Information Security policies, standards, and operational procedures

·Manages investigations into identified problematic activity and provides on-going communication with IT senior management

·Owns and manages relationships with vendors performing managed security services for the Overseas & Trading division

·Provides centralized guidance and governance of Information Security solutions

·Engages in ongoing communications with peers in the Infrastructure and Application Support groups as well as the business groups to ensure understanding of security goals

·Collaborates with affiliate companies to assist with identifying and managing Cybersecurity risk

·Assist with Information Security awareness programs

·Creates and maintains a set of metrics to document and measure the performance and effectiveness of the Information Security program; responsible for communicating metrics to the Overseas & Trading senior management.

·Participates in annual and long-range planning activities to ensure Information Security needs are addressed

• Must be open to  travel approximately 35% of the time.
• A college degree in MIS, CIS, Business Management, or related field
• 5+ years of overall Information Security experience
• 1+ years working on an Information Security implementation team
• An Information Security industry certification is preferred
• Progressive experience in a combination of Information Technology, Risk Management, Information Security, and Compliance roles is preferred
• Must have a working knowledge of at least one of the following regulatory compliance requirements and IT management frameworks:
  • CIS Critical Security Controls
  • ISO 27000-series standards
  • NIST SP800-53 and related standards
• Must have a working knowledge of the following Information Security practices, standards, and systems:
  • Data Loss Prevention (DLP) systems
  • Encryption technologies and standards
  • Endpoint security software
  • Governance, Risk, and Compliance (GRC) systems
  • Identity and Access Management (IAM)
  • Incident response practices
  • Network security (e.g. firewalls, IDS/IPS, VPN, etc.…)
  • Risk assessment practices
  • Security Information Event Management (SIEM) systems
  • Vulnerability management practices and scanning tools

Solid company with excellent track record of stability,.Great opportunities for growth and learning.