Manager, IT Information Security
Overall Job Summary
This position is responsible for the oversight and development of security and business continuity plan (BCP) processes, and for the design and planning of security and Disaster Recovery (DR) initiatives supporting IT projects.
Essential Duties and Responsibilities (Min 5%)
- Provide the organization with current information about information security technologies and related regulatory issues.
- Allocate resources and supervise direct reports.
- Hire, develop, and motivate assigned staff.
- Review and analyze existing security services for effectiveness and efficiency, and then develop strategies for improving or leveraging these systems.
- Research and make recommendations on security products and services in support of information technology efforts.
- Assess and cultivate long-term strategic goals for IT area of responsibility in conjunction with department managers, clients, and other key stakeholders.
- Cultivate, disseminate, and enforce information security policies, procedures, and standards.
- Monitor compliance with information security policies and procedures, referring problems to the appropriate department manager.
Required Qualifications
Experience: 7-9 years’ experience in Information Security/Information Technology. 2 years’ management experience leading teams. Experience working with compliance frameworks and SIEM (Security Information and Event Management) systems.
Education: Bachelor’s degree from an accredited college or university in Computer Systems design or Computer Science. Any suitable combination of education and experience will be considered.
Professional Certifications: Security certifications from SANS, ISC2, Cisco, or Microsoft are preferred.
Platform knowledge (UNIX, Linux, Windows): Systems administration background on any applicable platform such as Linux/UNIX, Windows, and Cisco IOS is preferred.
Preferred knowledge, skills or abilities
- Comprehensive knowledge of compliance frameworks such as Sarbanes-Oxley, PCI, or ISO.
- Comprehensive knowledge of firewalls, intrusion detection systems, anti-virus software, data encryption, and other industry-standard techniques and practices.
- Comprehensive technical knowledge of network, PC, and platform operating systems, including Cisco, Microsoft, and Linux.
- Advanced ability to conduct research into security issues, standards, and products as required.
- Advanced ability to work on Information Security sponsored projects, which includes providing necessary documentation, establishing and meeting timelines.
- Advanced ability to promote Security Awareness training.
- Advanced ability to create and/or maintain documentation including policies, procedures, security awareness tips, and compliance reports.
- Knowledge of TCP/IP and network administration/protocols is preferred.
- Proficiency in MS Office Suite.
- Superior negotiation and vendor management skills.
Working Conditions
- Normal office working conditions
- Must be able to work some nights and weekends
- Occasional travel required
Physical Requirements
- Sitting
- Standing (not walking)
- Walking
- Kneeling/Stooping/Bending
- Driving a vehicle
- Reaching overhead
- Lifting 50+ pounds
Disclaimer
This job description represents an overview of the responsibilities for the above-referenced position. It is not intended to represent a comprehensive list of responsibilities. A team member should perform all duties as assigned by his/her supervisor.
Company Info
Nearest Major Market: Nashville