Cyber Security Manager


Boston, MA

Industry: Technology


Not Specified years

Posted 146 days ago

  by Cynet Systems

This job is no longer available.

We are looking for a Cyber Security Manager for our client in Boston, MA.

Job Title: Cyber Security Manager

Job Location: Boston, MA

Job Type: Contract - 12 Months / Contract to Hire / Direct Hire

"US citizens and those authorized to work in the US are encouraged to apply. We are unable to sponsor H1b candidates at this time."

Job Description:

Primary Responsibilities:

  • The Cyber Security Manager is responsible for establishing and maintaining an enterprise-wide Information Security Management Program across all areas of the client's infrastructure to ensure information assets are securely protected.
  • The Manager is responsible for identifying, evaluating, and reporting information security risks in a manner that meets the SOC's compliance and regulatory requirements.
  • The Manager will be required to collaborate with upper management and other senior leaders in developing and maintaining the Program.
  • This position reports to the IT Division's Chief Information Officer.

Participates in information security governance and incident management:

  • Provides strategic guidance for information technology and other projects involving the integration of security controls.
  • Responds to, investigates, escalates, mitigates, and reports actual and attempted cybersecurity incidents.
  • Initiates process improvements to reduce future occurrences of security incidents.
  • Liaises with appropriate law enforcement and security information agencies.
  • Participates in the development and maintenance of client cyber-incident communication plans.
  • Contributes to business continuity and disaster recovery planning, including development of impact analyses and continuity and recovery plans.
  • Attends appropriate meetings to address questions relating to security-related findings.
  • Works within the client organization to develop and coordinate a compliance schedule for addressing security-related findings.
  • Monitors the external threat environment for emerging threats and advises relevant stakeholders on the appropriate courses of action.
  • Assists in the planning and coordination of information security audits, including network security scans, vulnerability scans, penetration tests, etc.
  • Maintains a strong awareness of applicable Massachusetts and Federal laws and proposed changes to ensure compliance.

Evaluates the client's current security posture, recommends improvements, and monitors effectiveness of controls:

  • As an individual contributor, or in collaboration with cross-functional teams, the Cyber Security Manager is expected to document, implement, monitor, and manage security controls related to all client information systems.
  • Safeguards information systems by identifying and proposing mitigation plans and solutions for potential and actual security vulnerabilities.
  • Oversees the development and implementation of information security policies and procedures.
  • Provides regular and ad hoc reporting to client senior business leaders and executive leadership on the status of the client's security programs.
  • Facilitates and promotes activities to create security awareness and access management.
  • Assists in the development of information security compliance training and awareness to all client staff members, contractors, interns, and consultants.
  • Contributes to the development of the client budgets relating to information security management and associated monitoring costs.

Participates in the oversight of security controls of third parties:

  • Supervises procedures for activating and terminating logical systems access for employees, vendors, consultants, and other third parties.
  • Participates in the procurement, contracting, analysis, and design phase of new systems acquisitions (whether hosted or on-premises) to ensure precise security requirements are met.

Qualifications:

  • A bachelor's degree and a minimum of six years of professional experience in information technology including systems administration, networking, application development, information security management, information technology risk assessment, and/or security reviews/investigations.
  • Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), or Certified Information Security Manager (CISM) preferred.

Knowledge, Skills and Abilities:

  • Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate security and risk-related concepts to technical and non-technical audiences.
  • Proven record of experience in developing information security policies and procedures, as well as successfully executing programs that meet the standards of excellence in a dynamic environment.
  • Comprehension of security frameworks, standards, and best practices (e.g., NIST, COBIT, ISO 27001/2, SANS Top 20 Critical Security Controls, ISF Standard of Good Practice, etc.).
  • Knowledge in one or more of the following functional capabilities: technology or security operations, risk governance, IT/IS compliance, data protection, threat and vulnerability management, data breach incident management, supplier/vendor risk management, security monitoring, access management, technology or security policies and standards, business continuity, IT risk management, and/or network security.
  • Possess and demonstrate a strong ability to influence and achieve complex and demanding deadlines.
  • High degree of initiative, dependability, and ability to work with little supervision.
  • High level of personal integrity, as well as the ability to professionally handle confidential matters, and show an appropriate level of judgment and maturity.
  • Project management skills to include financial/budget management, scheduling, and resource management.
  • Excellent analytical and conceptual skills.
  • The ability to manage multiple projects under strict timelines, as well as the ability to work well in a demanding, dynamic environment, and meet the organization's overall objectives.
  • Adept at leading and motivating cross-functional, interdisciplinary teams to achieve tactical and strategic goals.