Cyber Security Manager

Confidential Company  •  Boston, MA
Salary depends on experience
Posted on 06/22/18 by Cynet Sytems
Confidential Company
Boston, MA
Technology
Salary depends on experience
Posted on 06/22/18 Cynet Sytems

We are looking for Cyber Security Manager for our client in Boston, MA

Job Title: Cyber Security Manager

Job Location: Boston, MA

Job Type: Contract ? 12 Months / Contract to Hire / Direct Hire

"US citizens and those authorized to work in the US are encouraged to apply. We are unable to sponsor H1b candidates at this time."

Job Description:

Primary Responsibilities:

  • The Cyber Security Manager is responsible for establishing and maintaining an enterprise-wide Information Security Management Program across all areas of the clients infrastructure to ensure information assets are securely protected.
  • The Manager is responsible for identifying, evaluating, and reporting information securityrisks in a manner that meets the SOC's compliance and regulatory requirements.
  • The Manager will be required to collaborate with upper management and other senior leaders in developing and maintaining the Program.
  • This position reports to the IT Division's Chief Information Officer.

Participates in information security governance and incident management:

  • Provides strategic guidance for information technology and other projects involving the integration of security controls
  • Responds to, investigates, escalates, mitigates, and reports actual and attempted cybersecurity incidents.
  • Initiates process improvements to reduce future occurrences of security incidents.
  • Liaises with appropriate law enforcement and security information agencies.
  • Participates in the development and maintenance of client cyber-incident communication plans.
  • Contributes to business continuity and disaster recovery planning, including development of impact analyses and continuity, and recovery plans.
  • Attends appropriate meetings to address questions relating to security-related findings.
  • Works within the client organization to develop and coordinate a compliance schedule for addressing security related findings.
  • Monitors the external threat environment for emerging threats and advises relevant stakeholders on the appropriate courses of action.
  • Assists in the planning and coordination of information securityaudits, including networksecurity scans, vulnerability scans, penetration tests, etc.
  • Maintains a strong awareness of applicable Massachusetts and Federal laws and proposed changes to ensure compliance.

Evaluates the clients current security posture, recommends improvements, and monitors effectiveness of controls:

  • As an individual contributor, or in collaboration with cross-functional teams, the Cyber Security Manager is expected to document, implement, monitor, and manage security controls related to all client information systems.
  • Safeguards information systems by identifying and proposing mitigation plans and solutions for potential and actual security vulnerabilities.
  • Oversees the development and implementation of information security policies and procedures.
  • Provides regular and ad hoc reporting to client senior business leaders and executive leadership on the status of the clients security programs.
  • Facilitates and promotes activities to create security awareness and access management.
  • Assists in the development of information security compliance training and awareness to all client staff members, contractors, interns, and consultants.
  • Contributes to the development of the client budgets relating to information security management and associatedmonitoring costs.

Participates in the oversight of security controls of third parties:

  • Supervises procedures for activating and terminating logical systems access for employees, vendors, consultants, and other third parties.
  • Participates in the procurement, contracting, analysis, and design phase of new systems acquisitions (whether hosted or on-premises) to ensure precise security requirements are met.

Qualifications:

  • A bachelor's degree and a minimum of six years of professional experience in information technology including systems administration, networking, application development, information security management, information technologyrisk assessment, and/or security reviews/investigations.
  • Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), or Certified Information Security Manager (CISM) preferred.

Knowledge, Skills and Abilities:

  • Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate security and risk-related concepts to technical and non-technical audiences.
  • Proven record of experience in developing information security policies and procedures, as well as successfully executing programs that meet the standards of excellence in a dynamic environment.
  • Comprehension of security frameworks, standards, and best practices (e.g., NIST, COBIT, ISO 27001/2, SANS Top 20 Critical Security Controls, ISF Standard of Good Practice, etc.).
  • Knowledge in one or more of the following functional capabilities: technology or security operations, risk governance, IT/IS compliance, data protection, threat and vulnerability management, data breach incident management, supplier/vendor risk management, security monitoring, access management, technology or security policies and standards, business continuity, IT risk management, and/or networksecurity.
  • Possess and demonstrate a strong ability to influence and achieve complex and demanding deadlines.
  • High degree of initiative, dependability and ability to work with little supervision
  • High level of personal integrity, as well as the ability to professionally handle confidential matters, and show an appropriate level of judgment and maturity.
  • Project management skills to include financial/budget management, scheduling, and resource management.
  • Excellent analytical and conceptual skills.
  • The ability to manage multiple projects under strict timelines, as well as the ability to work well in a demanding, dynamic environment, and meet the organization's overall objectives.
  • Adept at leading and motivating cross-functional, interdisciplinary teams to achieve tactical and strategic goals. 

Not the right job?
Join Ladders to find it.
With a free Ladders account, you can find the best jobs for you and be found by over 20,0000 recruiters.