|Reference #||19-00809||Title||Information Security Manager|
|Position Type||Direct Placement|
|Experience Level||Direct Placement|
|Start Date / End Date||07-01-2019 --- 30-11--0001|
Client is looking for a pragmatic information security manager. This person will be a driving force for our compliance programs. He or she will work directly for the CTO and alongside a business compliance manager. We're looking for someone who is positive, works well with others, and meets the qualifications listed below.
Manage the IT side of the following programs: SSAE 16 SOC 2, PCI DSS, and GDPR.
Provide guidance on information security policies, processes, procedures, controls, risk management, and compliance.
Encourage employee contribution to security practices across the organization.
Develop strategies and plans for information security programs, processes, and tools.
Respond to changes in the regulatory environment and assisting other organizations in doing the same.
Make strategic recommendations to enhance information security, including processes, procedures, governance approaches, and compliance.
Deploy, govern, enhance, and mature enterprise-wide programs to ensure confidentiality, integrity, and availability are met.
3+ years hands on experience within information security with an emphasis on governance. Network security and vulnerability management are helpful.
2+ years of experience working with internal and external auditors.
Understands concepts of controls and compliance.
Preferred experience working with disaster recovery and business continuity processes.
Proven ability to represent and speak on behalf of information security and technology teams while working with clients, auditors, and regulatory examiners.
Possess the expertise to determine when to engage subject matter experts and the skill to prepare them for meetings with auditors or examiners.
Excellent interpersonal skills to work with varied constituents.
Excellent verbal and written communication skills.
The ability to drive results without direct authority.
Excellent time management skills. The ability to prioritize and multi-task.
Holds a Bachelor's degree in Information Systems or has equivalent work experience
Professional certification preferred (CISSP, CISA, CISM)