Manager of Information Security

Title: Manager of Information Security

Location: Remote but must sit in Alabama, Colorado, Florida, Georgia, Indiana, Kansas, Louisianna, Nebraska, Maryland, Michigan, Mississippi, North Carolina, South Carolina, Tennessee, Texas, Virgina

Type: Direct Hire / FTE

Salary Range: $100,000 - $150,000 per year

Qualifications:

• Bachelor’s degree in Information Technology, Information Security, or a related field. (A comparable combination of work experience and training may be substituted for education requirements.)
• 8 or more years progressively responsible experience in IT security operations, security analysis, to include previous management experience.
• Strong understanding of next generation firewall management, security information and event management (SIEM) and endpoint detection and response (EDR) tools.
• Excellent analytical, problem-solving, and decision-making skills.
• Strong organization, prioritization, analytical, and problem solving skills in order to effectively manage area of responsibility and attain goals set. Able to analyze and resolve difficult and complex problems and situations.
• Strong knowledge and understanding of regulatory compliance necessary to successfully perform job responsibilities.
• Strong verbal and written communication skills and interpersonal skills in order to interact professionally and effectively with members, staff, vendors, and government regulators. Able to influence other regarding policies, practices, and procedures.

Day to Day Responsibilities:

• Lead a team of security analysts and engineers in monitoring security events, investigating potential threats, and responding to security events.
• Develop, implement, and manage a comprehensive IT security program aligned with industry best practices and security frameworks.
• Oversee the implementation, operation, and maintenance of security tools and technologies (SIEM, EDR, firewalls, intrusion detection systems, data loss prevention, etc.)
• Develop and implement security policies, procedures, and standards to ensure compliance and best practices.
• Analyze security data to identify emerging threats and vulnerabilities.
• Manage vulnerability penetration testing and remediation processes to include both internal and external regulatory required audits.
• Implement and maintain security controls to mitigate identified risks.
• Manage resources such as staff acquisition, onboarding, offboarding along with disciplinary and commendation actions as required.
• Work with internal stakeholders (e.g., IT operations, development teams) to remediate security vulnerabilities.
• Develop and implement security incident response plans and playbooks.
• Report on security metrics, trends, and incidents to senior management.
• Review and recommend new methods and procedures to make daily operations more efficient. Performs considerable short-term planning, scheduling, and coordinating within area of responsibility.