Sr. Information Security Manager

Confidential Company  •  San Luis Obispo, CA

8 - 10 years experience  •  Staffing & Recruiting

$128K - $181K ($120K - $170K base + 7% bonus)
Posted on 08/11/17 by Arthur Crume
San Luis Obispo, CA
8 - 10 years experience
Staffing & Recruiting
$128K - $181K
($120K - $170K base + 7% bonus)
Posted on 08/11/17 by Arthur Crume

Sr. Information Security Manager
*Management of Information Security teams (will manage 5-8 direct reports in this role) Background in hands on Information Security role Knowledge of both security engineering and security compliance (PCI/SOX/DSS).
*Implementing a new IDS and this person will be leading both the engineering and compliance teams - this team manages the security providers, does internal penetration testing, and focuses on finding vulnerabilities.
San Luis Obispo, CA
Salary: $125K-$170K + 7% Bonus
Nationwide Relocation Assistance Available

This client creates web-based financial products that help consumers manage their credit, identity and money.
The product suite includes Credit Monitoring and ID Theft Protection products that help customers monitor critical changes in their credit by assisting them with debt analysis, identity theft protection features, and money management tools.

The Senior Security Manager is a hands-on role involving managing team in designing, deployment and support of complex security products to ensure that applications and infrastructure are implemented to the highest standards thus maintaining and enhancing customer trust.

The Security Manager‘s responsibilities include security system deployments, configuration, monitoring and reporting.
This position will have a lead role in performing vulnerability assessments, securitytesting, and working with security and development teams on remediation and mitigation of findings.

The Security Manager needs experience in providing architecture support of the security infrastructure.
The Security Manager will need to work collaboratively with other team members and with external information security technology vendors to identify advanced threats and prevent compromise.
The Security Manager will be engaged in critical decisions involving risk, incident response, and security process improvements in critical infrastructure that require unwavering integrity and moral character.
The Security Manager will participate in securityaudits, risk analysis, vulnerability testing and security reviews on many elements of company systems.

The Team’s Focus
Creates web-based financial products that help consumers manage their credit, identity and money.
The product suite includes Credit Monitoring and ID Theft Protection products that help customers monitor critical changes in their credit by assisting them with debt analysis, identity theft protection features, and money management tools.

How You’ll Contribute:
Manage team of highly skilled security professionals with strong team dynamics.
Experience with analyzing, troubleshooting, and investigating security-related anomalies based on security platform reporting, network traffic, log files, host-based and automated security alerts.
Experienced with maintaining, configuring, and analyzing network and host-based security platforms.
Experience with some or all of the following: TCP/IP OSI Model, system logs (WMI, syslog, etc.), antivirus, IDS/ IPS, packet analysis, configuration standards, Group Policy, Vulnerability analysis, Event Correlation, Forensics, IDS/IPS, rule sets and signature creation, web application security, pen-testing, reverse engineering, Honeypots, IOC, advanced threat detection, code analysis.
Data Loss Prevention (DLP), Log Indexing and Correlation platform, Network Access Control (NAC), Physical access control systems.
Identify security issues and risks, and develop mitigation plans
Evaluate, Architect, design, implement and support security-focused tools and services including project leadership roles.
Develop and interpret security policies and procedures.
Mentor members of the team.
Participate in security compliance efforts (e.g., PCI, DSS, SOX).
Develop and deliver training materials and perform general security awareness and specific security technology training.
Acquisition and vendor risk assessment due diligence.
Evaluate and recommend new and emerging security products and technologies.
Participate in incident handling.
Participate in projects that develop new intellectual property.
Evangelize security within Company and be an advocate for customer trust.
Maintain and update relevant system and process documentation and develop ad-hoc reports as needed.
Provide reoccurring reports for network and host-based security solutions.
Experienced with the development of security tool requirements, trials, and evaluations, as well as security operations procedures and processes.
Successfully manage time and technical responsibilities, set accurate expectations and meet deliverable deadlines while working in a team environment.

Strategy & Planning:
Evaluate documented resolutions and analyze trends for ways to prevent future problems.
Research and recommend innovative, and where possible, automated approaches for system administration tasks.
Identify approaches to solutions that leverage our resources and provide economies of scale.
Keep current with the latest technologies.

Project Management:
Organize and lead projects based on stakeholder requirements.
Manage project milestones and deadlines.
Communicate effectively across groups to accomplish project tasks.

*A minimum of 7-10 years IT experience; at least Five of those years focused on IT security, infrastructure or application- level vulnerability testing and auditing, and/or network security, at least 3+ years managing direct reports.
*Experience using Microsoft Office and Visio to create documents, presentations, and detailed drawings.
*Comfortable working on both Linux-based, MS Windows-based and OSX-based system platforms with a strong IT technical understanding and aptitude for analytical problem solving.
*Strong understanding of enterprise, network, system and application level security issues.
*Understanding of enterprise computing environments, distributed applications, and a strong understanding of TCP/IP networks.
*Knowledge of network and web related protocols (e.g., TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing protocols).
*Understanding of the system hardening processes, tools, guidelines and benchmarks.
*Strong experience and detailed technical knowledge in security engineering, system and network security, authentication and security protocols, cryptography, and application security.
*Experience managing multiple technology projects simultaneously
Knowledge of Linux, Windows, OSX systems.
*Working knowledge of a range of diagnostic utilities.
*Exceptional written and oral communication skills.
*Exceptional interpersonal skills, with a focus on rapport-building, listening, and questioning skills.
*Strong documentation skills.
*Working knowledge of industry-specific regulations (ITIL v3, AT101, SOX, PCI, HIPPA) required.
*Bachelor’s degree in Computer Science, Information Technology or related field or a combination of education and experience.

Any of the following:
Juniper Network Certified NetworkAssociate (JNCIA-Junos), Juniper Network Certified Specialist Security (JNCIS-SEC), Juniper Network Certified Professional Security (JNCIP-SEC), Juniper Network Certified Expert Security (JNCIE-SEC).

Personal Attributes:
Ability to conduct research into a wide range of computing issues as required.
Ability to present ideas in user-friendly language.
Highly self-motivated and directed.
Ability to effectively prioritize and execute tasks in a high-pressure environment.
Exceptional customer service orientation.
Experience working in a team-oriented, collaborative environment.
Have a strong desire to learn continually and grow professionally.

Equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, age, disability status, veteran status, marital status, citizenship status, sexual orientation, gender identity or any other characteristic protected by law.

Not the right job?
Join Ladders to find it.
With a free Ladders account, you can find the best jobs for you and be found by over 20,0000 recruiters.