Manager, IT Security
Manager, IT Security
Job Summary :
The Manager, IT Security will manage a team of security professionals that will oversee the establishment, implementation, monitoring and adherence to policies and procedures that support all internal and external security areas of IT. The Manager, IT Security will define all facets of Security Risk Management processes and initiatives. The Manager, IT Security will take the leadership role in identifying and implementing incident response protocols. Is the process owner for all ongoing activities that support the protection, confidentiality and integrity of all employee, customer and organizational information in compliance with established IT security policies. The Manager, IT security will manage/mentor staff of Security Analysts.
Position Scope:
o Establishes and documents systems security policies and procedures throughout the organization.
o Responsible for employee, contractors or other 3rd party's awareness and training on information security policies and procedures.
o Performs information security assessments and serves as an internal auditor for all security issues. Responsible for all internal and external data security policies, testing and corrective actions.
o Implements corrective actions and recommendations resulting from security assessments.
o Reports security related issues directly to business unit management.
o Ensures all intrusion and misuse detection reports are reviewed, and corrective action is taken.
o Responsible for oversight of all additions, changes and removal of any user credentials.
o Manages day to day support items as well as project work.
o Manages vendor relationship for all hardware, software and external security testing.
o Coordinate with Legal Services to ensure compliance with various statutes and regulations governing information security and privacy.
o Participate in project and department budgeting process.
o Responsible to Disaster Recovery security plan.
Essential Functions of the Job : (% of Time)
o Provides technical and administrative guidance, along with budgetary management, to a team of Security Analysts engaged in the overall administration of all GSC IT security areas. This includes documentation of all security policies and assessment procedures as well as corrective actions in reaction to the security assessments. (30%)
o Maintains software vendor relationships providing guidance on security alerts, open issues and patches while coordinating effective actions. (15%)
o Develops and oversees the training, development and adoption of state of the art security and prevention procedures. (20%)
o Manages, attracts and retains talent within the team, providing day to day direction, feedback, developmental guidance, performance appraisals, recommendations on goals and reward recommendations. (10%)
o Other responsibilities, including: (25%)
- Provide leadership to staff and project initiatives.
- Participate in developing, managing, and controlling departmental budget.
- Participate in tactical and strategic planning for all levels of IT Security activities.
- Assume lead position in the selection of all security related 3rd party tools.
- Will oversee the design of all internal and external IT security related areas.
- Will be a key stakeholder within the Disaster Recovery team.
- Reports security related issues directly to business unit management.
Ensures all intrusion and misuse detection reports are reviewed, and corrective action is taken.
- Comply with GSC policies and procedures, including the IT Methodology.
- Work to improve IT departmental efficiency
Performance Measurements
Yearly performance appraisals will include, but are not limited to the review of the following areas. Other areas may be included / added as business needs warrant.
Key Characteristics for Success:
o Collaboration / Communication / Teamwork skills; ensure successful interaction within the organization.
o Strategic Thinking; ability to consider a problem abstractly and develop an approach that is appropriate for GSC.
o Ability to take independent action, working with a high level problem or concept, developing the right next steps independently to propose resolution.
o Personal Accountability and Motivation in setting personal and project goals and driving progress.
o Strong problem solving skills.
o High level of confidence and resiliency in order to build relationships across all levels of the organization.
o Local knowledge of GSC Information Technology, key business processes, and industry awareness of trends for IT security technology.
o Credibility and Presence: the ability to capture the confidence of the organization in presenting new ideas or solutions.
o Influence Skills: the ability to factually resolve conflicts and differences of opinion in a respectful yet assertive way.
o Ability to: Package and syndicate a message, Garner support, Drive and document Vision / Strategy.
o Plan & Organize, providing progress on multiple projects.
o Build Perspective, researching best practices and trends to shape GSC's security approach.
o Concisely and effectively communicate progress, status and issues.
o Build strong collaborative partnerships with team, vendors, business partners and technology partners.
o Balance creativity and innovation against practical / cost effective approaches.
o Must be able to present (oral or written) to both Executive Leadership or large groups of professionals.
Required:
- Education: Bachelor degree in Business or Computer Sciences or related education. Will consider
significant relevant experience in lieu of degree.
- Experience: 7+ years in IT Management / IT Security.
Preferred:
- Education: Master degree in Business or Computer Sciences.
- Experience: Building IT Security team from ground up.
- Experience: PCI compliance.
Position List | Apply for Position