A financial institution client of Insight Global is seeking a Manager of Information Security to join their InfoSec and Risk Management team. This is an excellent opportunity for anyone looking to make an impact in a growing organization. The Manager of Information Security monitors, reviews, and reports on the effectiveness of the Information Security Program for the organization; monitors essential controls to ensure that risks are appropriately assessed and mitigated; oversees the development of information security policies, standards, procedures, and testing and security reporting processes.

Duties & Responsibilities:

– Develop and implement the organization's Information Security Risk Management Program, including maintaining a schedule of ongoing risk assessments, coordinating the outsourcing of risk assessment tasks, and maintaining detailed documents outlining the risk rating for significant departments, processes, and systems within the organization.

– Partner with IT resources to define the Information Security target state and develop and implement a comprehensive Information Security Program.

– Oversee the development of information security policies and procedures. Provide information security guidance and expertise to internal personnel when new systems and procedures are being developed.

– Conduct reviews of high-risk vendors' security controls and assess the completeness of the organization's compensating controls.

– Act as a liaison between external auditors and IT personnel, and assist IT with developing remediation strategies and responses to audit findings.

– Create and manage an overall Information Security Awareness & Education program. Identify annual training standards for all Team Members.

– Coordinate and supervise the activities of the Information Security Department.

– Monitor changes in local, state, and federal regulations and industry standards affecting information security, and make recommendations to management regarding security controls.

– Bachelor's degree in Cybersecurity, Computer Science, Programming, or a similar field is required or (2) certifications; CISSP, CISA, CISM or equivalent certification is required in lieu of 4 year degree with equivalent work experience.

– 10 years' experience in Information Security or related field.

– 4+ years' demonstrated experience in building, developing, and managing high performance teams.

– Experience in assessing the security needs and coordinating all parts of a security program.

– Experience with policy generation and implementation within a large enterprise. Experience working in a financial institution is preferred.

– Advanced knowledge of industry standards adopted by ISO, NIST, COSO, FFIEC, NCUA and others that influence the information security program.

– Demonstrated understanding of technical security concepts and tools, such DLP, EDR, business continuity, incident response, and vulnerability management.