About This Opportunity
InComm OLS is looking for a Manager of Information Security to manage all securityprocesses, policies, and procedures for the organization. This person will be responsible for change control processes as well as keeping up with enhancements to policies and trends in security. We need someone who can manage complaince for various scheduled and unscheduled assessments and audits throughout the year. This person will lead the security team as we continue to grow and add new business and functionality. This is an excellent opportunity for someone with leadership experience who is passionate about IT security.
- Manages OLS information securityprocesses, policies, and procedures including security monitoring, response and escalation processes.
- Manages the IT Security organizations change control processes and procedures.
- Recommends security and policy enhancements to executive management.
- Researches latest trends in information security.
- Performs annual risk assessment and communicate results to executive management.
- Responsible for all IT compliance and Information Security efforts. These include PCI-DSS, PA-DSS, HIPAA, HITRUST, SSAE16 SOC2 assessments.
- Tracking and scheduling all audits, reviewing and collecting exhibits, policy and procedure reviews, interacting with and supervising the QSA's while on site.
- Sets direction for all Information Security and compliance initiatives.
- Provides training, guidance, sets direction for all Information Security staff members.
- Maintain corporate security awareness programs including routine training and corporate wide phishing campaigns.
- Manages a team of 5 individual performers including mentoring, coaching and providing career advancement.
- Responsible for IT Security budget and fiscal year spending projections.
- 10 years in IT Security, preferably in a management role.
- Bachelors degreerequired, Master’s preferred
- CISSP or CISM certification required.
- Working knowledge of encryption concepts.
- Working knowledge of HIDS, SIEM, antivirus, and vulnerability scanners.
- 5 years of PCI-DSS and SOC2 assessment experience.
- Innovative thinker with the ability to apply information security best practices to support the business and ensures compliance with PCI/PA-DSS and SOC2 requirements.
- Strong communication, collaboration and team-work skills.
- Self-starter who is resourceful and able to handle multiple projects simultaneously.
- A person that takes pride and ownership in their work.
- Technical background with good English writing skills.
- Located in Dallas Fort-Worth Area.
- Ability to work during off-hours as required.