The IT Security Manager is responsible for the administration, support, engineering and service delivery associated with IT security operations, technologies and technical services. This role will manage the many facets of IT security of the firm’s technology infrastructure including management of security service providers, vulnerabilities, threats, tools, projects and end to end security operational support.
The successful candidate should have the ability analyze, quantify, prioritize, summarize and report on threats and vulnerabilities in a clear and actionable manner. The candidate must also understand how to analyze issues using a risk-based approach and work with management and other IT areas to develop practical solutions that can be implemented to effectively mitigate and manage risks. The ability to collaborate and partner with different IT areas to provide subject matter expertise, guidance and project and operational security support is crucial.
Coordination of IT’s role in Information Security Incident Response process, including overall ownership of all information security incidents and tracking of all security related incidents from notification to resolution.
Member of Information Security Steering Committee
Review, analyze prioritize the remediation of emerging threats and vulnerabilities
Track identified information security risks and mitigations
Manage security vendors and service providers
Lead and mentor staff
Partner with Information Security and Risk Management to implement technical security controls in support of security programs
Provide security operational support for the entire infrastructure stack including but not limited to network, end points, desktops, servers, software, applications, databases, voice and mobile
Own and manage security tools
Manage & analyze current security systems and present recommendations for improvement
Manage penetration testing and Vulnerability scanning
Develop and maintain technical procedures, processes and documentation to support information security policies
Work with all areas of IT to ensure compliance with technical security controls that comply with Information Security Policies
Keep Current with Information Security threats Trends and solutions
Support projects and initiatives and provide SME security input and recommendations
BS/BA degree in Information technology, computer science or similar discipline or comparable work experience
Demonstrated experience in an security operational support and lead roles
Demonstrated knowledge and experience evaluating, designing, testing and supporting hardware and software based security tools
Deep knowledge of security tools, including Firewall, IDS, IPS, email encryption, DLP, vulnerability scanning, penetration testing, anti-virus, spyware, as well we methods to implement such tools in a complex environment
Experience with ISO 27001/27002 standards, the HiTrust Common Security Framework, HIPAA
Privacy and Security Regulations;
Extensive knowledge and understanding of network and OS principles, technologies and systems
Ability to audit existing applications, and implement procedures to improve security
Must have excellent written and oral communication skills
Ability to prioritize and drive results with a high emphasis on quality
Ability to discuss security risks in business terms and develop practical, risk-based approach to mitigate risks
Ability to work independently and take ownership of assigned projects
Must be detailed oriented and be able to meet deadlines
5+ years of prior experience working in an enterprise IT environment
Travel requirement: Up to 10% domestically in the US, subject to change. Some travel to foreign locations possible.
For a full listing of jobs, go to www.nelsonjobs.com, our premier job search engine for candidates. Comprised of three major business units—Nelson & Associates, Nelson Staffing, and Nelson Technology—this company with 40+ years in staffing provides recruiting services to clients and candidates in accounting & finance, clerical, administration, human resources, technology, light industrial, manufacturing, legal, engineering, computer gaming, digital media, and the wine and beverage industries. Nelson places job candidates quickly in a number of fields in full-time, executive, consultative, and temporary positions.