IT Security Manager - Military veterans preferred

Job Summary

The IT Security Manager ensures delivery of the planning, development and delivery of IT security strategy and best practices to ensure information system security across the enterprise. Responsible for integrating security plans and policies with the Company’s business processes, training others on security procedures, evaluation and recommendation of security products, and ensuring that the Company’s security practices are being followed and are in compliance with existing laws and regulations. Leads Disaster Recovery, Business Continuity, and Incident Response Planning. Works with IT leadership to establish the strategic direction of the Company’s information systems as well as executing the strategy in area of responsibility.

Principal Accountabilities

• Manages and coordinates multiple aspects of IT Security to safeguard internal information systems, networks and databases from unauthorized users. Implements and oversees established NIST 800-171 framework requirements.
  
• Responsible for integrating security systems, plans, policies and procedures with the Company's business processes.
  
• Monitors and analyzes technology risk trends and recommends appropriate security improvements to mitigate risk.
  
• Manages overall Disaster Recovery, Business Continuity, and Incident Response Planning.
  
• Develops, maintains and delivers current IT Security Education program.
  
• Manages the assessment and documentation of network threats, intrusion detection and virus protection systems and manages response to security incidents. Conducts investigations that require IT support.
  
• Assesses the Security impact for any new business relationships and any new technology implementations through the established Application Security Provider review process.
  
• Maintains reliable, up-to-date information from the government and across the industry regarding identification of new security threats and vulnerabilities. Conducts studies within and outside the organization to ensure compliance with standards and currency with industry security norms.
  
• Determines appropriate staffing needs of the department. Assists with the recruitment, selection, and training of personnel in accordance with organizational standards and policies.
  
• Carries out supervisory responsibilities of direct reports. Ensures that the responsibilities, authorities, and accountability of all direct reports are defined and understood. Enables an environment that fosters high performance and establishes policies to ensure adequate management development.
  
• Develops and approves an annual budget for the department, monitors for variances, and manages employment/benefit expenses within established guidelines.
  
• Supports monthly service metric presentations related to IT Security services such as Multi-Factor Authentication, Malware, Laptop Encryption and other security elements as required by management.
  
• Oversees quarterly Disaster Recovery, Business Continuity, and Incident Response Planning exercises to include global coordinated efforts and other security elements as required by management.
  
• Manages IT Security team members
  
• Performs other duties as assigned.

Knowledge & Skills

• Seasoned knowledge of information security technologies and tool sets, processes, methodologies, risk management models, and policy/procedures development.
  
• Strong leadership skills with an ability to motivate team to accomplish goals within tight timeframes and simultaneously manage several projects.
  
• Excellent communication and interpersonal skills with a demonstrated ability to influence others and communicate IT concepts to a broad range of technical and non-technical staff. Skill in working with groups to build consensus.
  
• Ability to work independently and skilled in exercising a high degree of initiative, independent judgment, discretion and decision-making to achieve organizational objectives.

Experience & Education

• Bachelor's degree in Information Security or Information Assurance; Master's degree will be considered.
  
• Typically, 10+ years experience in computer science environment focusing on information system.  Prefer at least seven years progressively responsible management experience focusing on risk management, disaster recovery, business continuity, 3rd party vendor management and information security assessments.
  
• Certified Information System Security Professional (CISSP) or Certified Information Security Auditor (CISA) certification mandatory.
  
• Disaster Recovery Certified Specialist (DRCS) or Business Continuity Certified Specialist BCCS) highly desirable.
  
• Ability to obtain Secret Security Clearance required. Top Secret Security Clearance desired and/or the ability to acquire clearance.
  
• Experience working in defense industry and working with government contractors.

Physical Requirements/Working Environment

• Normal office environment