Senior Manager, Security & Compliance
Our client is looking for a Senior Manager of Information Security & Compliance to drive our security and compliance strategy. In this unique role, the information security leader will act as process owner for the development and implementation of an organization-wide information security program and ongoing activities to preserve the availability, integrity and confidentiality of the company’s information resources in compliance with applicable security policies and standards. You will bring your leadership presence and security experience to oversee the implementation of the information security program, working closely with your business partners and stakeholders.
This role leads two distinct functions and partners closely with external vendors, including a Managed Security Service Provider. The ideal candidate will have a deep security and compliance background and demonstrated experience influencing and driving change through an organization. This position is both strategic and tactical in nature.
Senior Manager, Security & Compliance Responsibilities
Collaborate with all business groups in formulating policy and strategy for Information Security.
Communicate with and educate all levels of business leadership on the value of IT security to the company and their role in it.
Develop and maintain IT security policies, procedures and guidelines as required, ensuring that changing enterprise needs are met.
Regularly discover and assess security threats and risks that could reasonably impact the company, and create strategic and tactical plans to mitigate those risks.
Review availability and identification of unacceptable levels of supplier risk as they pertain to IT security requirements and hold those suppliers accountable to action plans to mitigate those risks.
Review incident reports for compliance with policy and procedures and provide for modification of policies and procedures to address new security threats.
Coordinate development and end user training in accordance with security policies and procedures.
Define high level security requirements across multiple disciplines of IT including applications, network and systems.
Review and approve service provider’s security solutions and procedures as they apply to services being utilized.
Regularly review and approve project level security requirements and impacts, ensuring IT security best practices, policies and procedures are applied.
Conduct routine audits of systems and processes to assess their adherence to regulatory, compliance, and best-practice standards and requirements. Collaborate cross-functionally to ensure remediation plans are clear and meet objectives.
Communicate in written and verbal forms to all levels of the organization on security issues and plans.
Incorporate ITIL best practices in the go-forward plans and procedures for security.
Act as the coordination point for security events and routine audit processes.
Coordinate responses to customer-initiated documentation requests regarding security policies, procedures and events.
Provide security requirements for new technologies that are both planned for implementation and under review for potential future deployment.
Senior Manager, Security & Compliance Qualifications
Bachelor’s degree in computer science or related field and/or 4+ years of professional IT security and leadership experience.
At least 3 years of information security management experience is required.
At least 3 years of demonstrated technical leadership across one or more technical domains such as application development, systems engineering, network engineering, endpoint management, or cyber security tools (EDR, IDS/IPS, systems hardening, etc.).
Certified Information Systems Security Professional (CISSP) is preferred.
Certified Information Systems Auditor (CISA) and Certified Information Security Manager (CISM) are preferred.
Demonstrated experience implementing security initiatives that require partnership with business, functional IT departments, and customers.
Demonstrable experience implementing and operating within industry-standard governance frameworks such as COBIT 5, COSO, or others.
In-depth knowledge of IT security practices and procedures for enterprise environments including, but not limited to, mobile devices, cloud services, enterprise applications, data centers and networks.
Desired general knowledge of technical architectural disciplines including:
Business systems and web architectures.
System and network security and controls.
Multi-unit/retail-like systems & end-point architectures.
Current security trends in End Point (PC / Tablet / Smart Phone) technologies.
Advanced knowledge of information security principles and processes including security risk assessment standards, risk assessment methodologies, and vulnerability assessment.
Superior written and verbal communication skills.
Demonstrated ability to build relationships with business, supplier, and technology stakeholders.
Demonstrated ability to implement business-driven solutions in a complex environment.
VanderHouwen is an award-winning, Women-Owned, WBENC certified professional staffing firm. Founded in 1987, VanderHouwen has been successfully placing experienced professionals throughout the Pacific Northwest and nationwide. Our recruitment teams are highly specialized in either Technology and IT, Engineering, or Accounting and Finance career markets. Our recruiters value building meaningful, professional relationships with each candidate as well as developing honed knowledge of companies' staffing needs and workplaces. Partner with us to land your next exciting career.
VanderHouwen is an Equal Opportunity Employer and participates in E-Verify. VanderHouwen does not discriminate on the basis of race, color, religion, sex, national origin, age, disability, or any other characteristic protected by applicable local, state or federal civil rights laws.