IT Security Manager
IT Enterprise Architect
The IT Security Manager reports to the Senior Director of Technology and must possess an expert level of skill and knowledge in security concepts, principles, and practices for an enterprise security program model. Be able to evaluate and define a strategy for the design, implementation, and training of corporate security goals aligned to requisite legal, regulatory, and corporate business goals with security best practices. Manages subordinate staff in the day-to-day performance of their job duties.
- Develop and implement security policies, protocols and procedures
- Protect computers, networks and data against threats, such as security breaches, computer viruses or attacks
- Attend meetings with other team leaders to determine operational needs
- Plan and coordinate security operations for specific events
- Coordinate incident response for emergencies and alarms
- Review reports on incidents and breaches
- Investigate and resolve issues
- Create reports for executives on security status
- Analyze data to form proposals for improvements (e.g. implementation of new technologies)
- Provide information security awareness training to company personnel
- Creating and managing security strategies
- Oversee external or internal information security audits
- Manage security team members and all other information security personnel
- Provide training to information security personnel during onboarding
- Evaluate department budget and costs associated with technological training related to security and security solution and services
- Controlling budgets for security operations and monitoring expenses
- Assess current technology architecture for vulnerabilities, weaknesses and for possible upgrades or improvement
- Implement and oversee technological upgrades, improvements and major changes to the information security environment
- Serve as a focal point of contact for the information security team, the company, and customers related to security support and needs
- Manage and configure physical security, disaster recovery and backup systems
- Communicate information security goals and new programs effectively with other teams
- Perform other related duties as assigned
- Usage of Technical Expertise: Acquiring and applying technical and functional knowledge in one's own technological area of specialty.
- Leadership: Achieving results through people by successful objective setting, performance review, motivation, delegation, team-building, commitment gains, and empowerment.,
- Planning and Organizing: Setting priorities and defining actions, time, and resources needed to achieve predefined goals.
- Written Communication: Expressing ideas and opinions clearly in properly structured, well-organized, and grammatically correct reports or documents; utilizing language and terminology.
This position has supervisory responsibilities.
This job operates in a professional office environment. This role routinely uses standard office equipment such as computers, phones, photocopiers, filing cabinets and fax machines.
The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job.
Must be able to perform repetitious hand/eye movement. Must be able to sit for long periods. Must be able to lift up to 30 lbs.
Position Type/Expected Hours of Work
This is a full-time position. Days and hours of work are Monday through Friday, 8:00 a.m. to 5:00 p.m.
0% - 10%
Required Education and Experience
- High School diploma or GED
Preferred Education and Experience
- Bachelor’s Degree
- Able to operate independently, with little to no supervision, while performing job duties
- Advanced understanding of firewalls (functionality and maintenance), switches, routers, email gateway and DLP, IPS/IDS, anti-virus/malware, vulnerability scanning, VSX and Endpoint security solutions, system event and system monitoring solutions, and security-related systems
- Advanced understanding of cloud architecture and cloud security practices
- Advanced understanding of and practical experience with protecting data at rest, data in motion and data at endpoint concepts
- Knowledge of Security Profiling and Threat models
- Familiarity with cryptographic algorithms and libraries
- Advanced understanding of network protocols, ports, and services
- Advanced understanding of operating systems and related components
- Advanced understanding of applicable compliance, legal, state regulations and/or other security-related requirements
- Highly responsive and proven professionalism in communication, interpersonal, analytical, and organizational skills
- Ability to work in a team environment under pressure in dealing with security incidents
- Ability to maintain in depth knowledge and networking infrastructure utilized by the company including the management and reporting of each
Additional Eligibility Qualifications (Knowledge, Skills, Abilities)
- CompTIA Security+
- Security Associate of (ISC)2
- Certified Information System Security Professional (CISSP)
- Certified Security Analyst (CSA)
Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities and activities may change at any time with or without notice.