A financial institution client of Insight Global is seeking a Manager of Information Security to join their InfoSec and Risk Management team. This is an excellent opportunity for anyone looking to make an impact in a growing organization. The Manager of Information Security monitors, reviews, and reports on the effectiveness of the Information Security Program for the organization; monitors essential controls to ensure that risks are appropriately assessed and mitigated; and oversees the development of information security policies, standards, procedures, and testing and security reporting processes.
Duties & Responsibilities:
– Develop and implement the organization's Information Security Risk Management Program, including maintaining a schedule of ongoing risk assessments, coordinating the outsourcing of risk assessment tasks, and maintaining detailed documents outlining the risk rating for significant departments, processes, and systems within the organization.
– Partner with IT resources to define the Information Security target state and develop and implement a comprehensive Information Security Program.
– Oversee the development of information security policies and procedures. Provide information security guidance and expertise to internal personnel when new systems and procedures are being developed.
– Conduct reviews of high-risk vendors' security controls and assess the completeness of the organization's compensating controls.
– Act as a liaison between external auditors and IT personnel, and assist IT with developing remediation strategies and responses to audit findings.
– Create and manage an overall Information Security Awareness & Education program. Identify annual training standards for all Team Members.
– Coordinate and supervise the activities of the Information Security Department.
– Monitor changes in local, state, and federal regulations and industry standards affecting information security, and make recommendations to management regarding security controls.
– Bachelor's degree in Cybersecurity, Computer Science, Programming, or a similar field is required, or two (2) certifications; CISSP, CISA, CISM, or equivalent certification is required in lieu of a 4-year degree, with equivalent work experience.
– 10 years' experience in Information Security or related field.
– 4+ years' demonstrated experience in building, developing, and managing high performance teams.
– Experience in assessing the security needs and coordinating all parts of a security program.
– Experience with policy generation and implementation within a large enterprise. Experience working in a financial institution is preferred.
– Advanced knowledge of industry standards adopted by ISO, NIST, COSO, FFIEC, NCUA and others that influence the information security program.
– Demonstrated understanding of technical security concepts and tools, such as DLP, EDR, business continuity, incident response, and vulnerability management.
To apply for this job please visit itjobpro.com.