This is the individual responsible for developing Information Security concepts, methods, and strategies that drive continuous improvements in the overall security posture. The candidate will actively lead the development and implementation of Information Security frameworks, methodologies, policies, procedures, and standards, related to operational risk management, and IT audit procedures. The candidate will also partner with peers in other functional groups to develop and implement Information Security and Disaster Recovery programs that minimize risk and reduce exposure for the company.
The ideal candidate will be the primary point of contact for all SOX IT Audit activities, coordinating with the Internal Audit team, external auditors, functional IT teams, Business Unit, and business functional organizations. One of the primary objectives will be identifying potential SOX gaps or deficiencies, and devising the gap remediation or process improvement activities, in partnership with the business functional organizations, IT teams, application owners, and platform owners.
Operationally, this person will be responsible for monitoring the security environment (i.e., thresholds, alerting systems), to identify threats, attacks, and intrusion attempts, to defend against internal and external threats. In addition to the technical requirements, the Manager, Information Security will also be expected to effectively communicate (written, verbal, presentations) risks and improvement plans, and execute those mitigation plans.
Business needs dictate that this position requires the presence and ability to work on-site 100%. Therefore, telecommuting, or virtual/remote options will not be available.
ESSENTIAL DUTIES & RESPONSIBILITIES
· Lead and coordinate the development and progress of the Information Security posture improvement plan to include the identification of strategic goals and the path to achieve set objectives.
· Experience developing and maintaining stakeholder relationships across large organizations, identifying Information Security threats, and building actionable remediation plans.
· Possesses strong background in a public company managing the SOX and IT Audit process to include gap remediation and long-term process improvements across in-scope systems & applications.
· Experience building an Information Security dashboard and SLA based metrics environment that identifies gaps, improvements, and operational performance across key Security posture pillars and functional areas.
· Stays abreast of regulatory compliance standards, new and developing information security risk trends, and best practices while minimizing impact to the business.
· Implement Disaster Recovery (DR) and Business Continuity Planning (BCP) improvements for failover and resiliency on critical business applications (i.e., ERP, others) and platforms.
· In partnership with the Chief Information Officer (CIO), manage partner/vendor (3rd party) SLA adherence across executed agreements.
· Bachelor’s degree (technical or business field preferred); Master’s degree or MBA is a plus.
· Possesses current certification(s) in cybersecurity that demonstrate active awareness and knowledge surrounding of security frameworks and best practices (i.e., CISSP, CISM, CISA).
· 10+ plus years of progressively increasing responsibility in Information Security; 5+ years of leadership experience in a public company environment and multi-location enterprise organizations.
· Ability to communicate effectively with both technical and non-technical stakeholders across multiple business units.
· Experience maturing a Security Operations function (AV/Malware, SIEM, DLP, patch management) to achieve consistent SLA performance.
· Background with log collection and analysis as part of an investigation process.
· Recent Incident response/Crisis response implementation experience, and proven implementation of these processes across multiple business units.
· Excellent verbal and written communication skills; Experience communicating Security metrics and dashboards at all levels.
· Ability to travel up to 30% as needed