Overall Job Summary

This position is responsible for the oversight and development of security and business continuity plans (BCP) processes and design/planning of security and Disaster Recovery (DR) initiatives supporting IT projects.  

Essential Duties and Responsibilities (Min 5%) Advise the organization with current information about information security technologies and related regulatory issues.   Allocate resources and supervise direct reports.  Hire, develop, and motivate assigned staff.  Review and analyze existing security services for effectiveness and efficiency, and then develop strategies for improving or leveraging these systems.  Research and make recommendations on security products and services in support of information technology efforts.  Assess and cultivate long-term strategic goals for IT area of responsibility in conjunction with department managers, clients, and other key stakeholders.  Cultivate, disseminate, and enforce information security policies, procedures, and standards.  Monitor compliance with information security policies and procedures, referring problems to the appropriate department manager. 
  Required Qualifications

Experience: 7-9 years’ experience in Information Security/Information Technology. 2 years’ management experience leading teams. Experience working with compliance frameworks and SIEM (Security Information and Event Management) systems. 

Education: Bachelor’s degree from an accredited college or university in Computer Systems design or Computer Science.  Any suitable combination of education and experience will be considered.  

Professional Certifications: Security certifications from SANS, ISC2, Cisco, or Microsoft is preferred. 

Platform knowledge (UNIX, Linux, Windows): Systems administration background on any applicable platform such as Linux/UNIX, Windows, and Cisco IOS is preferred. 
 

Preferred knowledge, skills or abilities Comprehensive knowledge of compliance frameworks such as Sarbanes-Oxley, PCI, or ISO.  Comprehensive knowledge of firewalls, intrusion detection systems, anti-virus software, data encryption, and other industry-standard techniques and practices.  Comprehensive technical knowledge of network, PC, and platform operating systems, including Cisco, Microsoft, and Linux.  Advanced ability to conduct research into security issues, standards, and products as required.  Advanced ability to work on Information Security sponsored projects, which includes providing necessary documentation, establishing and meeting timelines.  Advanced ability to promote Security Awareness training.  Advanced ability to create and/or maintain documentation including policies, procedures, security awareness tips, and compliance reports.  Knowledge of TCP/IP and network administration/protocols is preferred.  Proficiency in MS Office Suite.  Superior negotiation and vendor management skills. 
  Working Conditions Normal office working conditions Must be able to work some nights and weekends Occasional travel required Physical Requirements Sitting Standing (not walking) Walking Kneeling/Stooping/Bending Driving a vehicle Reaching overhead Lifting 50+ pounds Disclaimer

This job description represents an overview of the responsibilities for the above referenced position.  It is not intended to represent a comprehensive list of responsibilities.  A team member should perform all duties as assigned by his/ her supervisor.

Company Info