IT Security Manager

Recruiter: EDI Staffing
Location: Hauppauge
Salary: Competitive
Posted: 01 Oct 2024
Closes: 04 Oct 2024
Job Type: IT Security
Employer Sector: Technology, IT & Telecoms
Contract Type: Permanent
Hours: Full Time

JOB SUMMARY

The IT Security Manager serves as the process owner for security and infrastructure activities related to the protection, prevention, recovery and training for users, processes and business systems information in accordance with the organization's information security policies.

DUTIES & RESPONSIBILITIES

Maintain a corporate–wide information security management program to ensure that information assets are adequately protected.

Implement and monitor a strategic, comprehensive enterprise information security and risk management program.

Implement security protocols and best practices to protect sensitive data and ensure compliance with regulations (e.g., SOX, PCI, GDPR).

Collaborate with software engineers, product managers, and other stakeholders to integrate security measures into the product development lifecycle.

Assist in the completion of cybersecurity / data privacy reviews by potential customers and business partners.

Maintain a vendor cybersecurity / data privacy program to perform initial and on–going diligence as to the adequacy of each vendor's cybersecurity / data privacy processes and protections.

Lead incident response efforts and investigate security incidents or breaches to mitigate risks and prevent future occurrences.

Perform penetration testing and vulnerability assessments to identify weaknesses in systems and recommend solutions for remediation.

Understand and interact with related functions to ensure the consistent application of policies and standards across all technology projects, systems and services.

Provide guidance and support to internal teams on security–related matters, including training and awareness programs.

Manage team members responsible for IT security, operations and infrastructure support activities.

QUALIFICATIONS

Required:

A Bachelor's degree in IT Security, Cybersecurity or educational equivalent is a plus.

Minimum of 5 to 7 years of experience in a combination of risk management, information security and IT operations.

Knowledge of common information security management frameworks, such as ISO/IEC 27001 and NIST.

Knowledge of cloud platforms like AWS and Azure, and of tools for monitoring and securing them.

Knowledge of MDR solutions.

Strong understanding of security principles, protocols, and technologies, including encryption, firewalls, intrusion detection systems, etc.

Experience with security assessment tools and methodologies, such as penetration testing, vulnerability scanning, and risk analysis.

Familiarity with regulatory requirements and standards.

Innovative thinking and leadership with an ability to lead and motivate cross–functional, interdisciplinary.

Experience with contract and vendor negotiations and management including managed services.

Excellent written and verbal communication skills and a high level of personal integrity.

Preferred:

Exposure to Secure Product Development Framework (SPDF).

Relevant IT Security certifications (e.g., CISSP, CEH, CISM, etc.).

Use Palo Alto Firewall

PHYSICAL DEMANDS & WORK ENVIRONMENT

Must be able to remain in a stationary position and operate office equipment for a prolonged period.

Physical activities include, but are not limited to, constant manual dexterity, moving about the work site, and/or handling objects weighing up to 20 lbs.

Other infrequent physical activities include, but are not limited to, positioning self to complete assigned tasks, and ascending/descending floors and/or ladders.

Must be able to work a schedule that is commensurate with business operation, including work during weekends, holidays and/or times outside of normal business hours.

Must be able to travel as business necessitates (up to 10%).

90–100k, Hauppauge NY in office 3 days per week.