$150K — $200K *
Oversees and coordinates all information security staff and activities to ensure the firm's overall information assets are adequately protected. Oversees the planning, coordinating and implementing of information security programs in order to maintain information integrity and protect against all cybersecurity threats. Interacts with other individuals in the firm in a problem-solving and team-building manner.
Oversees, develops and maintains the Firm's ISO 27001 Program, and operation objectives.
Manages the development and cost effective solutions to maintain the integrity of system information while allowing business operations to continue in the event of any type of business interruption.
Assists in audits of the Information Security program as needed at the request of management.
Uses leadership skills to train, motivate and direct assigned staff.
Provides technical expertise in the selection, testing, implementation and deployment of information security systems.
Provides technical guidance and direction in information security monitoring, assessment, auditing and testing.
Defines, develops and implements the firm's Information Protection Program security policy.
Works with the Director of Information Security and Risk Management to develop methods of improving department workflow, customer satisfaction and employee efficiency.
Assists in determining department work procedures, plans, assigns and directs work as necessary.
Monitors employee workflow and makes adjustments as necessary to ensure customers' needs are addressed in a timely and efficient manner.
Monitors and audits analyst(s) work product, reviews and communicate results with employee and provides advice.
Coordinates training of staff to ensure work meets/exceeds performance expectations within a reasonable time frame.
Oversees department projects, ensuring that procedures are followed and objectives are accomplished according to schedule.
Responsible for conducting, coordinating, testing, implementing, deploying, and operational maintenance of all information security systems, applications, appliances and devices throughout the firm.
Responsible for assessing, recommending, developing, implementing and maintaining the firm's information security infrastructure and security standards.
Lead for security risk assessments and penetration studies of networks. Recommends solutions for security vulnerabilities and takes corrective measures and/or applies security patches when appropriate.
Installs, monitors, maintains and upgrades virus detection applications/tools to ensure computer codes, viruses, and worms are blocked or eradicated when detected.
Analyzes problematic security log entries from security servers and routers, provides technical solutions to issues and security breaches.
Is on call to respond to security incidents or disaster recovery and business continuity operations.
Maintains advanced knowledge of the firm's Information Security posture, goals and objectives.
Supervises the Information Security Engineers. Is responsible for the overall direction, coordination, and evaluation of designated employees in this category. Carries out supervisory responsibilities in accordance with the organization's policies and applicable laws. Responsibilities include interviewing, hiring, and training employees; planning, assigning, and directing work; appraising performance; rewarding, coaching, and disciplining employees; addressing complaints and resolving problems.
Bachelor's degree (B. A.) from four-year college or university; or three to five years advanced information security experience and/or training; or ten years of combined information systems and information security experience; and three to five years supervisory experience; and/or equivalent combination of education and experience.
Professional certification of CISA or CISSP desirable. Must have advanced knowledge of general information security equipment and functionality.
Professional certification of CISA or CISSP desirable. Must have advanced knowledge with PC and LAN servers, security firewalls, intrusion protection systems, cloud based security systems , and other Information Security related technologies.
Valid through: 11/2/2021