Corporate & IT Security
Company Name:
ACG Resources/Adams Consulting Group, LLC
Position: Manager of Corporate & IT
Location: Mineola, New York
Reports To: President/CEO
Client is seeking a hands-on Manager of Corporate and IT Security with experience in Information Security Operations and Engineering and knowledge of the financial services industry . This is a senior level executive responsible for establishing and maintaining the enterprise vision, strategy and program to ensure the protection of Client's information assets, facilities and employees.
Responsibilities
o Lead operational risk management activities to enhance the value of the company and brand.
o Safeguard the company's assets, intellectual property and computer systems as well as the physical safety of employees and visitors in CLIENT'S' three locations
o Identify protection goals, objectives and metrics consistent with the company's strategic plans.
Manage the development and implementation of enterprise-wide security policy, standards, guidelines and procedures to ensure ongoing maintenance of security as follows: Security Operations , o Identity and Access Management, Encryption & Key Mgt,
Anti-Virus/Malware Management, Security Logging, Firewall & VPN Mgt, Configuration, Patch & Vulnerability Mgt, Security Engineering & Architecture, Secure Build Management, Role Engineering/RBAC, Data Engineering, Disaster Recovery & BCP
o Review and modify client's DRP and BCP as applicable
o Perform all required activities to maintain the company's DRP and BCP
o Support IT and business in testing, selecting, architecting and deploying DRP/BCP solutions and processes
o Fraud and Incident Management
o Manage activities related to security incidents, fraud investigations and forensic activities impacting the company
o Manage Alert Threat Logic application at Rackspace
o Strategic Planning & Management
o Business & IT Alignment
o Manage all security/vendor assessments and on-site audits
o Coordinate and manage third party security and operational audits of CLIENT'S including relationship with System Experts
o Manage annual review of CLIENT'S documentation including Security Policy Manual, Risk Management Plan, DRP, BCP, Privacy policy etc. and coordinate with Senior Business Manager on revisions as needed
o Design and implement formalized security awareness program for employees
Basic Qualifications
o Bachelor's or Master's degree in MIS, Information Security, or other related technical field
o 7-10 years of IT Risk Management/Information Security/Information Technology with at least 5 years in Information Security
o IT Risk Management/Audit certification (CISSP, CISA or CISM)
Preferred Skills
o Demonstrated ability to think critically about IT risks to include the protection of CLIENT'S customer data, identifying control gaps and communicating remediation plans to CLIENT'S management team.
o Knowledgeable in the ISO 27001/27002 framework and NIST Information Security risk framework.
o Working knowledge of federal and state laws and regulations related to information security, privacy, risk and compliance management for a solutions provider to the financial services industry.
o Extensive knowledge and understanding of network and system security technology and practices across all computing platforms, including but not limited to mainframe, client-server, PC/LAN and telephony.
o Working knowledge of internal control concepts (i.e. COSO and COBiT) and methods of incorporating internal controls into operational policies and procedures.Estimated Salary: $20 to $28 per hour based on qualifications.
ACG Resources/Adams Consulting Group, LLC
Position: Manager of Corporate & IT
Location: Mineola, New York
Reports To: President/CEO
Client is seeking a hands-on Manager of Corporate and IT Security with experience in Information Security Operations and Engineering and knowledge of the financial services industry . This is a senior level executive responsible for establishing and maintaining the enterprise vision, strategy and program to ensure the protection of Client's information assets, facilities and employees.
Responsibilities
o Lead operational risk management activities to enhance the value of the company and brand.
o Safeguard the company's assets, intellectual property and computer systems as well as the physical safety of employees and visitors in CLIENT'S' three locations
o Identify protection goals, objectives and metrics consistent with the company's strategic plans.
Manage the development and implementation of enterprise-wide security policy, standards, guidelines and procedures to ensure ongoing maintenance of security as follows: Security Operations , o Identity and Access Management, Encryption & Key Mgt,
Anti-Virus/Malware Management, Security Logging, Firewall & VPN Mgt, Configuration, Patch & Vulnerability Mgt, Security Engineering & Architecture, Secure Build Management, Role Engineering/RBAC, Data Engineering, Disaster Recovery & BCP
o Review and modify client's DRP and BCP as applicable
o Perform all required activities to maintain the company's DRP and BCP
o Support IT and business in testing, selecting, architecting and deploying DRP/BCP solutions and processes
o Fraud and Incident Management
o Manage activities related to security incidents, fraud investigations and forensic activities impacting the company
o Manage Alert Threat Logic application at Rackspace
o Strategic Planning & Management
o Business & IT Alignment
o Manage all security/vendor assessments and on-site audits
o Coordinate and manage third party security and operational audits of CLIENT'S including relationship with System Experts
o Manage annual review of CLIENT'S documentation including Security Policy Manual, Risk Management Plan, DRP, BCP, Privacy policy etc. and coordinate with Senior Business Manager on revisions as needed
o Design and implement formalized security awareness program for employees
Basic Qualifications
o Bachelor's or Master's degree in MIS, Information Security, or other related technical field
o 7-10 years of IT Risk Management/Information Security/Information Technology with at least 5 years in Information Security
o IT Risk Management/Audit certification (CISSP, CISA or CISM)
Preferred Skills
o Demonstrated ability to think critically about IT risks to include the protection of CLIENT'S customer data, identifying control gaps and communicating remediation plans to CLIENT'S management team.
o Knowledgeable in the ISO 27001/27002 framework and NIST Information Security risk framework.
o Working knowledge of federal and state laws and regulations related to information security, privacy, risk and compliance management for a solutions provider to the financial services industry.
o Extensive knowledge and understanding of network and system security technology and practices across all computing platforms, including but not limited to mainframe, client-server, PC/LAN and telephony.
o Working knowledge of internal control concepts (i.e. COSO and COBiT) and methods of incorporating internal controls into operational policies and procedures.Estimated Salary: $20 to $28 per hour based on qualifications.
|
|
 | |
