Information Security Manager

New York, NY

Responsibilities

 

  • Manage the internal information security governance program.
  • Guide and collaborate with information security incident analysis and response teams.
  • Identify, track, and periodically communicate risks to relevant target audiences.
  • Lead in the administration of business continuity and disaster recovery plans.
  • Define and document information security standards and practices.
  • Advocate for information security policies, procedures, and standards within the firm.
  • Ensure information security practices align with regulatory requirements.
  • Assist with organizational compliance to corporate information security policies and standards.
  • Provide consulting-related services to clients; liaise with clients to identify information security risks, manage the mitigation process, and implement information security strategies, policies, and processes.
  • Participate in audits, risk assessments, or gap analyses; report on findings and corrective actions for internal teams and external parties.
  • Evaluate and assess emerging information security threats; interpret and respond to information security intelligence and incident reports, escalating issues to leadership as necessary.
  • Provide operational guidance—strategic and tactical—to internal and external parties.
  • Assist with information security requirements for new IT initiatives.
  • Prepare presentations and reports on information security trends.
  • Develop and report on information security metrics (KPIs).

 

Requirements

 

  • Bachelor’s degree in computer science–related field.
  • Minimum four years’ experience in information security.
  • Working knowledge of information security standards such as ISO27001, PII, PCI, and DFS.
  • General understanding of risk-based assessment methodologies.
  • Experience auditing technical controls such as End Point Security, SIEM, and Vulnerability Management.
  • Conversational technical knowledge of networks, applications, operating systems, databases, etc.
  • Working knowledge of a variety of typical security products.
  • Experience managing team members, vendors, or consultants.
  • Excellent project management and organization skills.
  • Strong interpersonal and written/oral communication skills.
  • Ability to travel as required.
  • CISSP, CISM, CRISC, or CGEIT certifications highly preferred.

 

 

 

 

Note: Qualified candidates will be contacted within 2 business days of application. If you do not meet the above criteria, we will keep your resume on file for future opportunities and may contact you for further discussion.

Date Posted 11/22/2019
Salary $130,000 - $150,000 + bonus





