$130K — $160K *
IT Security Manager
This role is an incredible opportunity for an "out of the box thinker" to champion an Information Security Department for the organization. Our client continues to dominate the market by using technology with cutting-edge growing facilities, revolutionary automation, water-saving irrigation, energy-efficient lighting, and state-of-the-art methods for monitoring growing conditions to be number one in their industry.
Yes, I am seeking someone to join a fantastic, fun leader (the Chief Information Officer) to serve as the Information Security
- Provide guidance in planning and scoping Security Assurance engagements
- Provide strategic risk guidance for IT projects, including evaluations and recommendations of technical controls.
- Oversee security testing performed by internal team members and external partners
- Compile relevant security metrics and deliver them to stakeholders and senior leadership
- Represent the organization as a Subject Matter Expert in security requirements.
- Provide clear guidance to company employees and recommend modifications to operations policies and/or procedures as appropriate.
- Develop, implement and maintain a Security Program to include monitoring system security measures to ensure alignment with goals.
- Advise on configuration management activities, including an assessment of modifications and/or vulnerabilities.
- Develop and implement procedures for responding to security incidents and investigating and reporting security violations and incidents as appropriate.
- Develop, maintain and publish up-to-date security policies, standards and guidelines.
- Oversee training and dissemination of security policies and practices.
- Evaluate new cybersecurity threats and IT trends and develop effective security controls. Oversee development of security awareness programs.
- Work with Legal and Finance Departments to ensure that information security requirements are included in contracts by liaising with vendor management and procurement organizations.
Proven Experience in Your Career So Far:
- Cloud-based services in the areas of security automation, engineering and design.
- Assessing and supporting standards-based security control requirements (e.g., SOC 2, ISO, NIST, etc.) and related audits for compliance.
- Implementing security tooling, processes, and strategies in the areas of AV endpoint protection, Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS), Active Directory, SAML / ADFS, Multi Factor Authentication, RADIUS, and related technologies.
- Demonstrated knowledge of IT networks and systems and associated security principles (e.g., firewalls, DMZ, storage, virtualization, OS-level configuration, encryption, load balancers, proxies, VPN, bandwidth management), resiliency and redundancy.
- Developed and deployed a targeted information security awareness training program for all employees, contractors, and approved system users, with established metrics to measure the effectiveness of this security training program for the different audiences.
- Experience in Unix, Windows, Linux, TCP/IP, storage devices, network devices, fail-safe strategies, system architecture, LAN and WAN methods, and intranet/internet security environments, including firewalls, intrusion detection, incident response, policy writing, vulnerability testing, operating system hardening, regulatory compliance and data classification.
- Performing Cloud Computing vendor evaluations (SaaS, PaaS, IaaS).
- Knowledge of relational database design and architecture, with experience in data administration and security methods with tier 1 ERP (Oracle, SAP, etc.), web application layers, e-commerce, and SQL.
- Experience in IAM, NIDS/HIDS, SIEM, Log Management, Patch Management, Vulnerability Management, eDiscovery, Virtual Machine Security, Wireless and Mobile Security, and Industrial Controls.
Requirements you'll need:
- Bachelor's degree in Management Information Systems, Computer Science, Engineering or related discipline. An advanced degree is preferred.
- 10+ years of progressive IT experience; 6 to 8 years in a combination of risk management, IT leadership, information security and information technology desired.
- One or more certifications preferred: CISM, CISA, CISSP, CRISC, or HISP
Valid through: 7/7/2021