IT Security Manager
Company: Addison Group
Location: Houston, TX 77084
Description:
Houston, TX
$140K
Essential Job Function:
- Responsible for enterprise cybersecurity programs and activities including data protection, incident response, threat management, vulnerability management, security architecture, security risk management, awareness training, policies and standards.
Duties/Responsibilities:
- Work with third-party security providers including SOC providers, managed security, MDR, pen testing, vulnerability scan providers, risk assessment and auditors.
- Develop and enhance governance, information risk, compliance (GRC) and information security programs related to system and data protection efforts across the company.
- Utilize a risk-based approach to manage information security.
- Serve as the primary cybersecurity threat expert, staying apprised of emerging industry trends and strategies to mitigate threats.
- Maintain and update incident response plans and lead incident response activities.
- Maintain and update information security policies, requirements, and standards.
- Develop, enhance and manage the security awareness program including employee phishing and social engineering exercises.
- Develop innovative ways to provide security awareness.
- Coordinate software development security code review.
- Lead the security evaluation of new and existing technologies and standardize system security configurations.
- Review third-party contracts for security and data protection purposes.
- Participate in BC/DR plans by implementing security best practices.
- Perform various other tasks that may be assigned from time to time by the Vice President and Chief Information Officer.
Education and/or Work Experience Requirements:
- Bachelor's degree from a four-year accredited college or university in Computer Science, Management Information Systems or related field required.
- Minimum three (3) to five (5) years applicable work experience required, preferably in a small environment.
- Certifications: Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information System Auditor (CISA), Certified Cloud Security Professional (CCSP), preferred.
- Secure network architectures
- Identity and access management principles
- Cloud security best practices
- Risk management frameworks
- Virtualization technologies
- Incident response methodology and management
- Penetration and vulnerability management systems
- Cybersecurity training programs including phishing, social engineering and compliance
- Secure coding practices
- Experience implementing security standards including NIST Cybersecurity Framework, ISO 27000 series, PCI-DSS, HIPAA and CIS Critical Security Controls
- Strong problem solving, decision-making skills
- Ability to prioritize and manage multiple tasks in a high-energy environment
- Ability to document policies, standards, requirements and procedures
- Ability to maintain confidential and/or proprietary information