[ Back ] [ The Roadtechs Computer / Telecom Job Board ] [ Help ] [Edit ] [Mark Position Closed ]
Post Number: 523969
Posted By: Empyrean Services
Posted On: 2019-05-19 00:04:01
Email Address: email@example.com
Link: Empyrean Services Job Openings
Subject: Manager, Information Security
Contract / Temp to Direct / Direct Hire: Direct Hire
Country: United States
Reply to Recruiter via Text Msg: 4125281589
The Information Security Manager is responsible for all aspects of the IT Information Security program at Client Site. This includes protecting company intellectual property, and other sensitive data, from unauthorized disclosure as well as reducing risk to the company from threats that may compromise the availability or integrity of information processing systems. The Information Security Manager is responsible for leading security strategy, actively participating in its implementation & operation, and assessing overall effectiveness within the company.
ESSENTIAL DUTIES AND RESPONSIBILITIES:
Work with the IT Director to develop, implement, and maintain the strategic vision and plan for the information security program.
Responsible for the implementation, operation, and continual improvement of the information security program.
Collaborate across the organization to ensure the needs of relevant stakeholders are addressed.
Hire, contract, and/or manage personnel to ensure services are delivered in an effective and timely manner.
Establish and maintain regular security audits of infrastructure, personnel behavior, and contracted services.
Investigate security incidents and provide regular reports to upper management.
Serve as the internal and external primary point of contact on information security issues.
Maintain current in-depth knowledge of issues related to information security.
Mentor and train staff to foster a security culture.
Ensure information security and infrastructure operations teams work closely to maintain core services for the business.
Ensure there is adequate emergency coverage for information security issues, as required.
Performs other duties as assigned.
MINIMUM SKILLS, QUALIFICATIONS AND ABILITIES:
A minimum of a B.S. degree in Computer Science or IT Security from a four year accredited college or university with 5 years of relevant experience or a degree in a technical or business field and 10 years relevant experience.
A minimum of 10 years experience in complex IT environments. This includes direct experience working on enterprise-wide security strategy and policy. A successful candidate will have a CISSP, SANS GSE, or other equivalent certification.
Required experience and skills in the following areas:
Strong understanding of formalized programs and regulatory frameworks (e.g. : ISO 27001, NIST 800, PCI, SOX)
Strong understanding of data loss prevention and IDS/IPS systems
Experience with physical security issues related to staff, facilities, and equipment
Experience communicating complex issues to upper management
Leading incident response teams throughout the entire incident lifecycle.
Experience in conducting investigations related to sensitive issues.
Strong understanding of advanced security threats, detection techniques, mitigation strategies, and cleanup methods for commodity malware, targeted APTs, insider threats, blended attacks, espionage, etc.
Strong knowledge of and experience using a variety of security tools & processes (penetration testing tools, forensic tools, risk assessment, etc.) for securing both the core network and end-points.
Preferred/desired skills and experience
Familiarity with nuclear cyber security concerns and regulations from design to operation
Strong understanding of export control regulations (e.g.:10 CFR 810, ITAR, etc.)
Experience operating and supporting least-privilege enterprise infrastructure and applications at scale (SharePoint, Exchange, Active Directory, MS System Center, MS SQL, Linux, etc.)
Experience working in complex heterogeneous multi-site networks
Encryption (at-rest, in-transit, & application containerization) and public key infrastructure
Familiarity with network devices, end-point authentication, and fingerprinting
Scripting and programming (PowerShell, Bash, CMD, VB Script, C#, ASP.Net,)
Industry Requirements: Eligible to work under Department of Energy 10 CFR Part 810.
Management: Proven track record of managing staff from multiple disciplines and coordinating design interfaces to provide design solutions in a timely manner.
Quality Assurance: Demonstrated understanding and implementation of quality assurance regulations, standards and guidelines of 10 CFR 50 Appendix B, 10 CFR 21, and NQA-1 preferred.
CORE COMPETENCIES: To perform the job successfully, the individual should demonstrate competencies in performing the essential functions of this position by performing satisfactorily in each of these competencies.
Business Acumen: A strategic thinker with good business perspective and an understanding of the companys business. Able to function comfortably in political interactions. Capable of developing strong interpersonal networks within the organization.
Problem solving: Decisive with good judgment. Identifies and resolves problems in an efficient and effective manner. Gathers and reviews information appropriately. Uses own judgment and acts independently; seeks input from other team members as appropriate for complex or sensitive situations.
Oral/written communication: Strong communication skills, externally and internally. Listens carefully and speaks clearly and professionally in all situations. Edits work for accuracy and clarity, Is able to create, read and interpret complex written information.
Planning/organizing: Capable leader; able to establish a vision and align an organization around the vision. Prioritizes and plans work activities, organizes personal and project timelines and deadlines, tracks project timelines and deadlines, and uses time efficiently.
Integrity: Is trusted by peers and subordinates.
Adaptability: Adapts to changes in the work environment, manages competing demands and is able to deal with frequent interruptions, changes, delays, or unexpected events.
Team Building: Capable of developing strong interpersonal networks and trust within the organization, setting expectations and requirements and achieving accountability of supervised personnel. Leads consensus by involving all stakeholders, facilitating their understanding of differences, agreeing on requirements and constraints, and developing the best solution.
Safety Culture: Adheres to the Safety culture and is expected to model safe behavior and influence peers to meet high standards.
Empyrean Services is committed to creating a diverse environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, veteran status or any other protected status.
Thinking about applying for this position?
Please make sure that you meet the minimum requirements indicated for the job before you apply (see user agreement). If you are qualified, then use either the email link (near top of post) or the application link (near bottom of post) to apply, whichever is provided.
6 page view(s)