IT Security Manager
Posted on Jan 16, 2020 by Request Technology - Robyn Honquest
IT Security Manager
Looking for a manager over all areas of security. You will have (5) Direct Reports, (2) Sec Admin, (2) Security Engineers (1) Sec Analyst. All Sec Ops, security controls intrusion detection prevention.
Network controls, web applications, Firewalls, email content filtering, IAM vulnerability management, pre-testing, forensic investigation, 5-7 years coming up through security, 3 + years management.
The IT Security Manager has primary responsibility for all IT Security-related system operations
Manages all IT Security Operations detective and preventative technologies. Examples of security controls include: intrusion detection/prevention, malcode detection/prevention, network access controls, web application Firewalls, web content filtering, e-mail controls, change detection and centralized logging. The incumbent will ensure detective security controls are kept up-to-date and are configured for appropriate effectiveness, in accordance with industry best practice and regulatory guidance.
- Manage the monitoring, administration, engineering, architectural guidance and processes/procedures for detective and preventative technologies.
- Manage the Identity and Access Management (IAM) Program, including access requests and attestation.
- Oversee and manage security projects including design, implementation and integration of new or upgraded technologies.
- Strengthen and formalize security processes both within the security team and with other supporting resources.
- Manage industry best practice guidance and security hardening guidelines for all OF technologies.
- Mandate and document necessary settings on indirect security controls such as baseline security configurations and application development security guidelines.
- Manage Threat Intelligence Program; remain current on new and emerging threats, and the implication on the OF; and recommend and implement suggestions for improving security based on research.
- Manage Vulnerability Management Program; conduct and manage internal and third party vulnerability assessments and penetration tests; and work with appropriate teams to ensure proper ratings and remediation.
- Subject matter expert on security incident response efforts; oversee all alerts and anomalies; serve as the lead for incident response research, analysis, communication, and management of forensic investigations; and conduct incident investigations both during and after business hours as needed.
- Partner closely with the Enterprise Architects, Project Managers, Infrastructure Leaders, and Application Development teams to ensure a consistent approach to security solutions in each area of responsibility and throughout the development life cycle.
- Lead, manage and develop IT Security staff and resources and ensure all necessary steps are sufficiently documented and followed by the IT Security staff when evaluating security settings.
- Serve as a liaison with internal and external IT audit teams, fulfilling documentation requests, developing remediation plans, and leading efforts to remediate findings.
- Manage IT Security Operations budget and resources, and participate in IT planning and project management.
- Support the OF's diversity and inclusion strategy by following policies and procedures that ensure opportunities for employees and diverse business partners
- Assist with other job duties as assigned
- Bachelor's degree in Computer Science or related field required.
- Professional Security Certification (eg, CISSP, GIAC, CISM) required.
- Minimum 5 to 7 years of experience in IT security related positions.
- Minimum 3 years of experience in IT Security leadership.
- Demonstrated expertise in the area of information security.
- Demonstrated experience in incident response and responding to emergency situations.
- Demonstrated experience leading and managing IT projects or sub-teams and knowledge of IT project management.
- Ability to lead and manage technical personnel.
- Strong decision-making skills and excellent analytical ability.
- Excellent written and verbal communication skills.
- In-depth knowledge of IT security principles and technologies.
- Fundamental knowledge of.NIX (Sun Solaris, RHEL, Windows, etc.).Fundamental knowledge of web applications protocols (HTTP(s) and web services frameworks (JAVA, APACHE, .NET)
Set up alerts to get notified of new vacancies.
$150k - $165k Annual
$140k - $150k Annual