IT Security Manager
IT Security Manager to help grow Security capabilities within an established multibillion-dollar company!
IT Security Manager to build out and enhance the current security group within Twin Cities HQ for a long-established company with billions in revenue.
- Develop, implement, and monitor strategic and tactical plans, comprehensive enterprise information, and the security and risk management program to ensure the confidentiality, integrity, and availability of information owned, controlled, or processed by the company
- Develop, maintain, and publish up-to-date security policies, standards and guidelines, and oversee training and dissemination of security policies and practices in the company security management framework
- Lead the day to day operations of the Information Security team including training, staff development, and third-party partnerships
- Mentor and coach IT professionals
- Manage security regulatory and compliance requirements
- Manage periodic security assessments, vulnerability assessments, and business continuity tests
- Develop metrics and reporting for measuring and improving the effectiveness of the overall information security framework.
- Drive continuous improvement, improving service levels and reducing the overall risk exposure for the organization
- Assess risk and continuously perform gap analysis on the security controls and strategy.
- Propose changes to decrease risk while improving protection of customer data.
- Manage security incidents and events to protect corporate IT assets, and act as the primary corporate control point during follow-up on significant information security incidents
- Provide strategic risk guidance and advocacy for infrastructure investments and IT projects including project prioritization, and the evaluation and recommendation of technical controls
- Oversee the coordination of IT Business Continuity and Disaster Recovery planning to ensure IT systems can respond to a disaster so that critical business functions can be resumed within a defined time frame and data loss is minimized
- Actively embrace our IT framework.
- Partner with IT Directors
- Build relationships, provide work coordination and act as an IT liaison with other internal Companies, departments, and strategic partners
- 7+ years of IT experience
- 5+ years of experience in a leadership role managing information security
- Enterprise wide expertise with information system disaster recovery planning and testing, auditing, risk analysis, business system resumption planning, and contingency planning
- Expert level understanding of computer security concepts including Identity & Access Management, Network Security, Application Security, Incident Management, and Risk & Compliance
- Successes creating and maintaining effective documentation, including policies, processes, and procedures.
- Business system continuity planning, auditing, and risk management experience as it relates to information security.
- In depth knowledge of Sarbanes Oxley, 404(a) and (b), and SOC 2 audits.
- High personal quality standards and attention to detail.
- One or more of the following certifications:
*Certified Information Systems Security Professional (CISSP)
*Certified Information Security Manager (CISM)
*(or other security industry certifications)
- Strong knowledge of Microsoft O365 and cloud technology, security, principles, and practices
- Ability to lead meetings in order to discover existing business processes, advise on best-fit technologies, gather requirements, and drive to client and drive project execution
- Strong problem-solving skills
- Create and maintain support documentation
- Documenting operational processes and problem resolutions
- Success leading enterprise-wide information security policies, standards, procedures, and guidelines
- Expertise with security software and hardware products, network security, risk assessments, audits, security architectures, business continuity and disaster recovery, incident command practices, cryptography technologies, authentication methods, virus protection, intrusion detection, access control systems and methodologies, biometrics, and privacy issues
Versique is one of the largest recruiting firms in the Midwest and specializes in both consulting and permanent placement. With a valuable blend of functional, industry and recruiting experience, our award-winning team of headhunters has a proven track record of delivering exceptional talent acquisition solutions. The Versique brand represents a powerful combination of “versatile” and “unique” as it hints at the concept of “search” in it’s pronunciation: ver-seek.