IT Security Manager
ANCRA INTERNATIONAL, LLC

Job Info

---

SUMMARY:

Build, maintain, and troubleshoot the company IT infrastructure delivering mission critical applications and data. Ensure the highest levels of availability, performance and security. Develop, implement, and manage the IT Security Roadmap to protect all enterprise systems, applications, and data. Establish an enterprise security stance through policy, architecture and training processes.

KEY RESPONSIBILITIES:

• Develop an Information Security Strategy, and a roadmap for strategy implementation.
• Be very proactive in understanding and staying up-to-date to address technology shifts and threats on the horizon.
• Relay best practice recommendations based on evolving threat landscape to protect intellectual property and drive strong security culture.

• Manage the creation and maintenance of a comprehensive education and awareness program.
• Develop information security policy, standards, and guidelines appropriate to business, technology, and legal requirements and in accordance with best industry practice.
• Create a framework for roles and responsibilities with regard to information data ownership, classification, accountability and protection.

• Facilitate security governance across the business.

• Be a champion for pushing IT standards, procedures, policies, and best practices.

• Create documentation concerning IT systems and IT procedures.
• Develop and communicate standards of use, operations and security of network, personal computers, and data.
• Oversee and manage response to major threats.

• Take ownership of security control reviews following security incidents. Drive action plans to completion to shore up our environment based upon the understanding from the Root Cause Analysis.

• Shape solution delivery to protect the company's data, systems, and intellectual property.
• Drive and instill continuous improvement discipline within IT and in the business. Strive to identify opportunities to reduce the overall cost to serve and operate new solutions.

• Identify and recommend improvement opportunities based on unsatisfactory regulatory compliance results and responsible for remedial actions to their resolution.

• Research and evaluate new IT security technology trends and applicability of software/hardware solutions.
• Make recommendations regarding hardware and software acquisitions.
• Oversee the operation of existing applications and services owned by IT Security.
• Direct and provide a strategic risk management vision to effectively secure the business without slowing company innovation and execution.
• Play a key role in disaster recovery and business continuity.
• Report regularly to Global IT Director and Group Management Team, keeping them abreast of the threat landscape and the tactical controls and strategic plans to achieve success.
• Liaise among various groups inside and outside of IT, including Corporate Compliance, Internal Audit, Finance, Legal and HR management teams as required.
• Vendor management and contract negotiation.

POSITION REQUIREMENTS:

• Bachelor's Degree in Information Technology (IT) or comparable degree
• 8+ years operational experience in IT Infrastructure and IT Security
• 4+ years of experience managing projects and developing IT and Security concepts in a global business environment

• Deep technical background in IT Infrastructure and IT Operations:

• Microsoft products e.g. Microsoft server operating systems, Active Directory, SQL, Enterprise Office 365, Azure, OneDrive, SharePoint, and Teams
• Server Management incl. configuration, anti-virus, virtualization, patching, backup
• Networking: switching and routing, layer 2 VLANS, layer 3 routing, TCP/IP, MPLS, VPN
• Firewall (SonicWall preferred)

• Solid Information Security background, including information and cyber security assessment, risk analysis, privacy, data protection, regulatory frameworks, as well as risk and security architecture and demonstrated experience in leading cyber incident response.

• Strong knowledge of information security threats, vulnerability management, and countermeasures and associated operational best practices.

• Proven track record and experience in developing and maintaining information security policy, standards, and guidelines.
• Experience with security industry standards (ISO 27001, NIST Cybersecurity Framework, PCI).

• Knowledge and understanding of relevant legal and regulatory requirements, such as Sarbanes-Oxley Act (SOX) and Payment Card Industry/Data Security Standard Personally Identifiable Information (PII).
• IT security certifications (CISSP, CISM, CISA, GIAC, ISACA, ISC or similar) are a plus.

• Demonstrable experience running security education programs.
• Understanding of overall business and IT strategy and ability to develop solutions with management at all levels.
• Strong project management skills and experience implementing IT solutions (PMI certified is a plus).
• Service oriented approach in IT (ITIL certified is a plus).
• Customer orientation (e.g., short response times, appropriate communication and continuous information flow, adequate solutions).
• Good analytical, communication and presentation skills.
• Drive for excellence in own work and cooperation with customers/ colleagues/ employees.
• Value based people management including "leading by example".
• Ability and willingness to integrate, cooperate and succeed in a multi-national group (i.e., traveling abroad, understanding corporate needs, and implementing, co-operating, and communicating with colleagues from overseas).
• Efficient and resilient work style (e.g., priority setting, willingness to work overtime in peaks, absorb pressure).
• Interest in continuous learning.

EOE M/F/D/V

 

This job has expired.